Spartan Protocol (SPARTA), a liquidity protocol for asset exchange and synthetic asset generation built on Binance Smart Chain (CRYPTO: BNB), was exploited for over $30 million over the weekend.
What Happened: Hackers were able to obtain $30.5 million worth of funds due to “flawed logic in calculating the liquidity share when the pool token is burned to withdraw the underlying assets,” according to a post mortem of the exploit by PeckShield.
What we know so far –
*Attacker used $61m in BNB to overcome the pools via a as yet unknown economic exploit path to remove roughly $30m in funds from the pools.
Reach out if you can help identify and analyse the exploit.https://t.co/aNTvdzKOeF
— Spartan Protocol (@SpartanProtocol) May 2, 2021
The Spartan Protocol tweeted about the exploit four hours after it took place, by which time the hackers had already withdrawn part of his profit using Anyswap.
“Four hours elapsed between the first and last attack and another four between the last attack and the Spartan Protocol tweet about this exploit,” said research analyst Igor Igamberdiev on Twitter.
“This suggests that the attacker chose a perfect time, which did not allow the team to react in time.”
Why It Matters: The Spartan hack is one of the largest DeFi hacks in history, ranking 6th in Rekt’s leaderboard of most significant exploits to date.
Rekt, which specialized in analyzing crypto hacks, declared that this particular exploit was a “relatively straightforward story of another copied protocol who were too ambitious with their imitation.”
The Spartan Protocol said it would work towards rebuilding with more focus on continual reviews.
Despite the flaw in the code, the protocol claims that the code was audited and built from scratch.
“Nobody should have any beef with the project,” said Spartan on Twitter.
Price Action: The protocol’s native crypto token SPARTA fell by over 30% on Sunday, after news of the exploit became public.
At press time, the token was trading at $1.58 after recovering from a 24-hour low of $0.98, according to CoinMarketCap.
© 2021 Benzinga.com. Benzinga does not provide investment advice. All rights