Spartan Protocol exploit results in loss of $30M

The price of SPARTA token plunged 30% on Sunday as details of the attack came to light.

Spartan Protocol, a liquidity platform for synthetic assets on the Binance Smart Chain, was drained of $30 million in a coordinated attack on its liquidity pool late Saturday. 

The exploit targeted a “flawed liquidity share calculation” in the SPARTA/WBNB liquidity pool, which enabled the attacker to withdraw the funds, blockchain security company PeckShield explained. The security expert continued:

“In particular, the specific hack inflates the asset balance of the pool before burning the same amount of pool tokens to claim an unnecessarily large amount of underlying assets. The consequence of this attack results in more than $30M loss from the affected pool.”

The nuts and bolts of the attack center around the manipulation of flash loans, which were used to inflate the balance of the pool before burning an equivalent amount of pool tokens.

Spartan Protocol tweeted about the exploit late Saturday, explaining that the “Attacker used $61m in BNB to overcome the pools via […] as yet unknown economic exploit path to remove roughly $30m in funds from the pools.”

What we know so far –
*Attacker used $61m in BNB to overcome the pools via a as yet unknown economic exploit path to remove roughly $30m in funds from the pools.

Reach out if you can help identify and analyse the exploit.https://t.co/aNTvdzKOeF

CC @RektHQ @samczsun @bneiluj

— Spartan Protocol (@SpartanProtocol) May 2, 2021

Spartan Protocol’s latest update on the matter came early Sunday, where it linked followers to the PeckShield report:

Detailed analysis of the bug in Spartan Protocol v1.

Where to now?

Community fund a https://t.co/mfghq1UJjH for Spartan Protocol v2.

Rebuild the shield wall.https://t.co/s11s9rWTtA

— Spartan Protocol (@SpartanProtocol) May 2, 2021

The attack goes down as one of the single largest monetary exploits in DeFi history, according to Rekt. Only five other DeFi exploits resulted in the loss of more funds: EasyFi ($59 million), Uranium Finance ($57.2 million), Kucoin ($45 million), Alpha Finance ($37.5 million) and Meerkat Finance ($32 million).

The value of SPARTA, Spartan Protocol’s native token, plunged 30% on Sunday to $1.17. It was down over 29% in Bitcoin (BTC) comparative and 31.4% versus Ethereum (ETH).

Theft and exploitation are nothing new for the cryptocurrency community. In addition to the recent string of DeFi attacks, crypto criminals stole an estimated $1.9 billion in 2020, according to Finaria, an Italian publication. Fraud was the leading crypto-based crime, followed by theft and ransomware. The year before, in 2019, criminals made off with an estimated $4.5 billion worth of cryptocurrency. 

iBTC 並非有關信息的提供者,不會為客戶或任何第三者對於該信息的(包括但不限於)正確性、品質、準確性、安全性、完整性、可靠性、性能、及時性、報價或持續可用性負責。本頁任何內容都不是投資建議

下載iBTC 手機APP
感受最佳交易體驗