By Muyao Shen
bEarn Fi, a cross-chain auto yield farming protocol, was exploited earlier Sunday, resulting in a loss of almost $11 million, according to China-based blockchain analysis firm PeckShield.
- It’s the latest attack on a decentralized finance protocol built on Binance Smart Chain, one of the so-called Ethereum killers that’s built by centralized crypto exchange giant Binance.
- “Dear community, we are aware that users’ deposit in BUSD have increased significantly,” bEarn Fi’s official Twitter account stated at about 9:30 a.m. ET Sunday. “Please be advised that we are currently investigating the Alpaca Vault incident. No other bVault has been affected but we have taken a precautionary measure and temporarily paused withdrawals and deposits for all bVaults.”
- A spokesperson from PeckShield told CoinDesk in a WeChat message that the firm is still investigating the cause of the attack.
- On bEarn Fi’s Telegram group, users have been asking bEarn Fi’s team members since early Sunday morning about whether something went wrong with the Binance USD (BUSD) vault on bEarn Fi.
- “Is there a BUSD vault problem?” one user asked at 7:11 a.m. ET. “It’s increasing so much that it’s impossible.”
- “We are working on it,” one team member from bEarn Fi wrote in response to users’ multiple requests about whether their funds are safe.
- Earlier in May, another BSC-based defi protocol, Spartan Protocol, was attacked in a breach that caused more than $30 million in losses.
Can Bug Bounties Help DeFi Projects Avoid Security Breaches?Several DeFi projects, including C.R.E.A.M. Finance, have battled security breaches and exploits, raising questions about whether DeFi is mature enough to go mainstream. C.R.E.A.M.’s co-founder Leo Cheng joins “First Mover” to discuss how his sector seeks to improve security, including the launch of a $1.5 million bug bounty program.Volume 90%
Source : https://www.coindesk.com/bearn-fi-loses-11m-in-latest-exploit-of-a-binance-smart-chain-defi-protocol