Bitcoin Forum

Economy => Exchanges => Topic started by: wtsimis on January 28, 2022, 06:38:12 PM



Title: Qubit Finance got hacked, suffers $80 million loss
Post by: wtsimis on January 28, 2022, 06:38:12 PM
Crypto exchangers hacking are now occurring frequently. Every week news comes out that any exchange got hacked. Qubit Finance is the latest decentralized finance Defi protocol hacked. According to their tweet hackers steals over $80 million from Qubit Finance.  Hacker stole over 206,000 Binance Coin from QBridge protocol. The coins are worth like $80 million. The protocol does not accept any deposit asset in the platform.

Source: https://twitter.com/QubitFin/status/1486870238591594497


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: milewilda on January 28, 2022, 08:45:23 PM
Crypto exchangers hacking are now occurring frequently. Every week news comes out that any exchange got hacked. Qubit Finance is the latest decentralized finance Defi protocol hacked. According to their tweet hackers steals over $80 million from Qubit Finance.  Hacker stole over 206,000 Binance Coin from QBridge protocol. The coins are worth like $80 million. The protocol does not accept any deposit asset in the platform.

Source: https://twitter.com/QubitFin/status/1486870238591594497
Decentralized my ass? Exchange hacks do really happen and thats why its never been ideal nor worth to stay up your coins nor make out some investment on 3rd parties or something like that.
These places are the best spots or honeyspots  for these hackers yet this do involved millions of dollars for them to steal in and once there  would be some vulnerabilities then expect that this would surely happen next in line.Is there something we can do about recovery? None... I feel sorry for those people who do mainly lost up the money involving on this hack as always.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: coupable on January 28, 2022, 08:57:50 PM
Crypto exchangers hacking are now occurring frequently. Every week news comes out that any exchange got hacked. Qubit Finance is the latest decentralized finance Defi protocol hacked. According to their tweet hackers steals over $80 million from Qubit Finance.  Hacker stole over 206,000 Binance Coin from QBridge protocol. The coins are worth like $80 million. The protocol does not accept any deposit asset in the platform.

Source: https://twitter.com/QubitFin/status/1486870238591594497
Thank you for sharing the info. $80 million is a big money however i think it's somehow easy to trace them by devs as i also know that BNB is not fully decentralized and i am not sure if it can be frozen like USDT Erc20.
It becomes a frequent event to hear about a hacked exchange. We all hear lately about opensea being hacked and even btc.com exchange.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: batang_bitcoin on January 28, 2022, 10:42:27 PM
Crypto exchangers hacking are now occurring frequently. Every week news comes out that any exchange got hacked.
It's been happening every year. And this is the reason why many of us here keep reminding the others that don't leave huge amounts of crypto assets in exchanges or finances if we're not even going to trade and will just hold it, they're not a place to store our crypto for long holding.

Qubit Finance is the latest decentralized finance Defi protocol hacked. According to their tweet hackers steals over $80 million from Qubit Finance.  Hacker stole over 206,000 Binance Coin from QBridge protocol. The coins are worth like $80 million. The protocol does not accept any deposit asset in the platform.

Source: https://twitter.com/QubitFin/status/1486870238591594497
Another big money is taken from this defi. I guess it has something to do with their smart contracts and the hackers see the hope in it. I'm not technical on it but these hackers always look for that hole for them to penetrate. I saw the tweet of qubit that they're negotiating with the hackers.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: Darker45 on January 29, 2022, 03:10:38 AM
It seems other than the security loopholes that these DeFi platforms have, it is the structures or the designs themselves that somehow provide these thieves the ability to abuse these platforms. This is exactly the thing that worries regulators. For as long as DeFi and other crypto products are built, operated, and offered to the public unregulated, the risk on people's money is high. There is currently no agency that would scrutinize the security and viability of these financial platforms. There is no body that rejects or approves these sites based on their capacity to provide safe and sound services to the public.

What is even more pathetic is the pleading of the platform for the hacker to return the money and receive a bounty reward. Who steals $80 million in exchange for a much smaller amount? If this kind of platform proliferates, they would end up operating at the mercy of hackers.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: crwth on January 29, 2022, 03:27:40 AM
It seems like it's because some data parameters are not being correct. I saw one reply from that tweet, and it does look legit.

For those interested in the address of Qubit here, it is.

https://bscscan.com/address/0xd01ae1a708614948b2b5e0b7ab5be6afa01325c7

I do hope they somehow make a recovery from it or something. They need to look further at possible entry points to prevent exploitations like this.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: batang_bitcoin on January 29, 2022, 07:36:12 AM
I do hope they somehow make a recovery from it or something. They need to look further at possible entry points to prevent exploitations like this.
They can only recover it if the hackers managed to agree to contact them and have a negotiation which is what they're doing right now. They're trying to reach out through Twitter.
Here's the tweet: https://twitter.com/QubitFin/status/1487210385619169283?cxt=HHwWhsDR0er90KMpAAAA
I don't think that the hackers will contact them any time soon. They've hacked them for one reason, to rob. These people don't have any shame as they know there will be tons of people that will be affected with their action.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: crwth on January 29, 2022, 12:49:09 PM
They can only recover it if the hackers managed to agree to contact them and have a negotiation which is what they're doing right now. They're trying to reach out through Twitter.
I don't think they would be able to get the results that they want with that right? But there's nothing wrong to do it as well. You'll never know if it will be like how other hackers have done. I remember an exchange got hacked but the hacker returned the funds and just told that they should be aware of those tactics. I don't remember the event though but I think it was last year.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: Husires on January 29, 2022, 03:48:53 PM
Did they manage to get those hacked coins back? Was it frozen or returned to them?
BSC is supposed to be centralized (modified version of Proof-of-Stake with only 21 Validators (11 validators) all of them controlled by who?! Binance) Or did I miss something?
If the platform is really decentralized, then discovering vulnerabilities in smart contracts is difficult, so either the programming is weak, or the hacker works in Qubit Finance or is related to the platform.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: batang_bitcoin on January 29, 2022, 06:26:18 PM
They can only recover it if the hackers managed to agree to contact them and have a negotiation which is what they're doing right now. They're trying to reach out through Twitter.
I don't think they would be able to get the results that they want with that right? But there's nothing wrong to do it as well. You'll never know if it will be like how other hackers have done. I remember an exchange got hacked but the hacker returned the funds and just told that they should be aware of those tactics. I don't remember the event though but I think it was last year.
Yeah, the same thought as mine. The hackers might be thinking up this point or they really don't want to participate for the return of the money. There are new tweets from qubit and it seems that there's no reply yet from them. The offer bounty they're giving to the hackers is $1M if they return the $80M.

Did they manage to get those hacked coins back? Was it frozen or returned to them?
Not yet and unlikely to get returned, they're only waiting for the response of the hacker to negotiate with them and offered them $1M for the return of the funds.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: JeromeTash on January 29, 2022, 06:33:31 PM
It seems like it's because some data parameters are not being correct. I saw one reply from that tweet, and it does look legit.

For those interested in the address of Qubit here, it is.

https://bscscan.com/address/0xd01ae1a708614948b2b5e0b7ab5be6afa01325c7

I do hope they somehow make a recovery from it or something. They need to look further at possible entry points to prevent exploitations like this.
I remember at one time when Binance was hacked. CZ wanted a reorg on Bitcoin network, which backfired on him because Bitcoin is a truly decentralized network. Now, I am waiting to see what he will do on his centralized shitcoin network in order to be able to recover the stolen BNB  ;D


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: The Cryptovator on January 30, 2022, 05:41:48 PM
I remember at one time when Binance was hacked. CZ wanted a reorg on Bitcoin network, which backfired on him because Bitcoin is a truly decentralized network. Now, I am waiting to see what he will do on his centralized shitcoin network in order to be able to recover the stolen BNB  ;D
Could they freeze funds as USDT can? I can't read the code. If it's possible then they might take action by freezing funds. Though it's not an advantage if it's possible then using BNB is quite risky. Seems they become more popular day by day.

Hacking DeFi and centralized exchange news become regular lately which is a threat for the crypto industry. They aren't learning from others and not focusing on the security system. I know hackers find the loophole somehow, but they should always monitor by their security team.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: TryNinja on January 30, 2022, 06:08:13 PM
Could they freeze funds as USDT can? I can't read the code. If it's possible then they might take action by freezing funds.
BNB? No, they can't. Unless you think they own all the validators on the chain and can just fork as they wish, but this is a very different story.

Also, CZ/Binance didn't lose anything, why would he care? The users that deposited their wrapped BTC, USDC, USDT, etc... on the Qubit smart contract were the ones who got hit.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: vv181 on January 30, 2022, 08:39:00 PM
If the platform is really decentralized, then discovering vulnerabilities in smart contracts is difficult
Why would it make it difficult? The platform/contract is open source, everyone is able to audit and check the code. Ideally, I think decentralization should make detecting a vulnerability getting easier.

so either the programming is weak, or the hacker works in Qubit Finance or is related to the platform.
Certik made a detailed analysis of how the exploit gets executed: Qubit Bridge Collapse Exploited to the Tune of $80 Million (https://certik.medium.com/qubit-bridge-collapse-exploited-to-the-tune-of-80-million-a7ab9068e1a0). After I tried to look around, turns out the devs that made this app were also have been exploited in the past on another project. I believe the negligence should be on the security side.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: AmoreJaz on January 30, 2022, 08:58:51 PM
If the platform is really decentralized, then discovering vulnerabilities in smart contracts is difficult
Why would it make it difficult? The platform/contract is open source, everyone is able to audit and check the code. Ideally, I think decentralization should make detecting a vulnerability getting easier.

so either the programming is weak, or the hacker works in Qubit Finance or is related to the platform.
Certik made a detailed analysis of how the exploit gets executed: Qubit Bridge Collapse Exploited to the Tune of $80 Million (https://certik.medium.com/qubit-bridge-collapse-exploited-to-the-tune-of-80-million-a7ab9068e1a0). After I tried to look around, turns out the devs that made this app were also have been exploited in the past on another project. I believe the negligence should be on the security side.

so maybe the hackers knew their history and now, they tried again and succeeded. maybe, this will be their expensive lesson to change things about their security protocol. most hacked sites will only tighten their security after some incidents like this. why not make their security brick and mortar in the first place? or most of them don't want to invest in strong security features because of the added funds that will cost them?


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: Daltonik on February 11, 2022, 09:35:09 AM
After the incident, the Qubit Finance DeFi protocol development team announces the restructuring and transfer of the Qubit platform under the management of DAO, the development team will continue to work, and the exploit tracking will continue. Whether it will be more reliable from a security point of view, time will tell.

Source: https://pancakebunny.medium.com/the-next-chapter-dao-9630b2c087b


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: JeromeTash on February 11, 2022, 09:21:55 PM
After the incident, the Qubit Finance DeFi protocol development team announces the restructuring and transfer of the Qubit platform under the management of DAO, the development team will continue to work, and the exploit tracking will continue. Whether it will be more reliable from a security point of view, time will tell.

Source: https://pancakebunny.medium.com/the-next-chapter-dao-9630b2c087b

It seems to me like a bye bye message  ;D
I find it hard to believe such messages after the so-called "hacks" or "exploits" Who know if it was an insider job. I mean, $80M is more than enough to make half a dozen devs rich and go live on endless vacations, minus having to worry about the shitty DeFi platform.


Title: Re: Qubit Finance got hacked, suffers $80 million loss
Post by: Slow death on February 16, 2022, 08:22:16 AM
Crypto exchangers hacking are now occurring frequently. Every week news comes out that any exchange got hacked. Qubit Finance is the latest decentralized finance Defi protocol hacked. According to their tweet hackers steals over $80 million from Qubit Finance.  Hacker stole over 206,000 Binance Coin from QBridge protocol. The coins are worth like $80 million. The protocol does not accept any deposit asset in the platform.

Source: https://twitter.com/QubitFin/status/1486870238591594497
Decentralized my ass? Exchange hacks do really happen and thats why its never been ideal nor worth to stay up your coins nor make out some investment on 3rd parties or something like that.
These places are the best spots or honeyspots  for these hackers yet this do involved millions of dollars for them to steal in and once there  would be some vulnerabilities then expect that this would surely happen next in line.Is there something we can do about recovery? None... I feel sorry for those people who do mainly lost up the money involving on this hack as always.

You are right but it is important to understand that it is not possible for someone to day trade without having to leave coins on the exchange every day, so on this issue the problem is not in the people who leave coins on the exchange. the problem is in the exchanges that must be safe and have funds that guarantee that they can compensate customers in case of any possible hack. i just wanted to add this