Crypto heist cleans out $182 million in seconds and wasn't even illegal
New York, New York - Blockchain tech is the Wild West of the finance world, but that doesn't mean attackers have to break the law to get rich.
The Decentralized Autonomous Organization (DAO) Beanstalk openly acknowledged that its reserve funds were aggressively emptied on April 17.
And it technically wasn't a hack, or illegal, since all the person who nabbed Beanstalk's funds needed to do was win a vote.
The Beanstalk DAO depends on a voting system for decisions the organization makes, and each member of the DAO can buy a stake. The bigger the stake, the more voting power you have.
So the attacker used $80 million in loans to buy up a controlling stake, and "voted" to transfer funds to their cryptowallet.
It was over in just seconds, and after paying back the loan, the attacker walked away with a tidy profit for their efforts.
The reason Beanstalk had reserve funds sitting around for the taking was that the DAO is basically a bank. Members can buy into Beanstalk's cryptocurrency, Beans, or give the DAO other cryptocurrencies. The funds are used to make sure that the value of each Bean is right around one dollar.
After the heist, the value of Beans dropped to around $0.12, with some still buying in, hoping that Beanstalk will recover some or all of the lost funds.
And it looks like there is a slim chance that might happen, since Beanstalk has offered to give the attacker 10% of the taken funds as a "Whitehat bounty" for uncovering the voting exploit, if the other 90% are returned to the DAO.