Qubit Finance, a decentralized finance (DeFi) network, was the latest target of a high-value crime on Thursday, with hackers stealing about $80 million in cryptocurrencies.
Because of the amount of cryptocurrency stolen, this is the most significant hack of 2022 so far.
In an incident report published on Medium, Qubit Finance acknowledges the hack. According to the investigation, the hack occurred on the evening of January 27th about 5 p.m. ET.
Qubit provides a “bridge” service across several blockchains, effectively allowing deposits in one cryptocurrency to be withdrawn in another. Qubit Finance is a cryptocurrency exchange that connects Ethereum to the Binance Smart Chain (BSC) network.
According to CertiK, a blockchain auditing and security firm, the hacker was able to take advantage of a security hole in Qubit’s smart contract code, allowing them to deposit 0 ETH and withdraw nearly $80 million in Binance Coin in exchange.
“Bridges will only become more significant as we transition from an Ethereum-dominated world to a fully multi-chain future,” CertiK analysts stated. “People need to shift funds from one blockchain to another, but they need to do so in a way that is not vulnerable to hackers capable of stealing more than [$80 million].”
The Qubit Finance team made a direct appeal to the hacker in a statement on Twitter, requesting them to negotiate with the team in order to reduce losses for the Qubit community.
According to Qubit’s incident report, the team was aiming to offer the hacker the highest potential payment under their bug bounty program. According to a listing for Qubit on the Immunefi bug bounty network, this is valued at $250,00.
Several DeFi projects have been hacked since the debut of Binance Smart Chain in 2020. According to Crypto Briefing, the most serious include a $31 million hack on Meerkat Finance in March 2021, a $50 million hack on Uranium Finance in April, and a $88 million hack on Venus Finance in May.