Belt Finance, a platform that gives automated market making for DeFi, was hacked earlier on Saturday within a flash loan attack that resulted in the loss of $6.23 Mln.
It’s the latest attack on a DeFi protocol built on Binance Smart Chain, one among the so-called Ethereum killers that are built by centralized cryptocurrency exchange giant Binance.
Within an official web-blog post, Belt Finance revealed that the attacker created a smart contract that used PancakeSwap for flash loans and exploited its beltBUSD pool and its strategy protocols then proceeded to execute the contract 8x times for a sum profit of 6,234,753 BUSD [around $6.23 Mln USD].
beltBUSD vault users suffered a 21.36% loss of funds, while 4Belt pool users lost 5.51%, the protocol explained. No other pools/vaults were affected.
The protocol outlined that it paused withdrawals and deposits as soon as it was conscious of the attack which the vulnerability that permitted the attack to occur has been patched.
In its official blog post dated yesterday, Belt Finance added that the withdrawals and deposits would resume sometime within the next 24 to 48 hours that it’s performing on a “compensation plan” which will be released in the next 48 hours.