Ankr deploys $15M to make whole users as Helio stablecoin recovers after exploit

Published at: Dec. 7, 2022

According to a Twitter post dated Dec. 7, stablecoin protocol Helio, which issues the HAY stablecoin pegged against the U.S. dollar, said that the firm had bought back $3 million worth of bad debt in HAY thus far in the open market. The day prior, blockchain infrastructure platform Ankr stated it would allocate $15 million to buy back the bad debt resulting from its recent exploit and the resultant over-circulation of HAY. 

A series of seemingly unrelated incidents occurred on Dec. 2 when a hacker manipulated vulnerabilities in Ankr's smart contract code and compromised private keys after a technical upgrade. As a result, the hacker minted 20 trillion Ankr Reward Bearing Staked BNB (aBNBc) tokens, pegged to the BNB token (BNB), and dumped them as the price of aBNBc plunged to less than $2.

However, a trader then took advantage of an alleged hard-coding of pegged prices between aBNBc and BNB on the Helio protocol. The trader bought 183,885 aBNBc with only 10 BNB and used it as collateral to borrow 16 million HAY, which was then swapped for 15.5 million Binance USD, earning a 5,209x profit from their original capital.

2/ Firstly, the team has already started our peg recovery process for $HAY, and this process is expected to be completed by Tuesday, December 6th UTC +4.We expect HAY to be re-pegged, or at the very least, be close to the $1 mark.

— Helio Protocol ($HAY) (@Helio_Money) December 4, 2022

Subsequent to the exploit, HAY lost its peg and fell to as low as $0.20 per coin before recovering most of its losses and is now trading at $0.96 at the time of publication. Immediately after the incident, the Helio team stated that it would be repurchasing the excess HAY and sending it to a burn address. Originally, users were able to mint HAY by depositing BNB as collateral at a ratio of 152%. The protocol had a total value locked of around $90 million before the incident.

Tags
Related Posts
This platform turns data into cryptocurrency
Large-scale data breaches and the abuse of data by cybercriminals have become an everyday reality. Data is being utilized to drive massive profits in big tech and beyond. In 2018, a breach at Marriott Hotels resulted in 500 million records being stolen, and just earlier this year, Facebook had an enormous break where the details from 533 million users were taken. Cirus is offering individuals new financial opportunities through data monetization using the power of Web 3.0. With over 4,000 Cirus devices currently deployed in real households, the Cirus team is aiming to propel a new ownership economy. By harnessing …
Blockchain / Sept. 17, 2021
‘DeFi done right’: Layer-one protocol launches mainnet
A decentralized finance protocol has launched its mainnet — describing it as a crucial step on the journey to a frictionless financial future. Radix, which describes itself as a platform for smart money, is also launching Instapass with its Olympia mainnet — an optional user and developer service that delivers the world’s first single sign-on solution for building compliant DeFi. The Radix mainnet is being positioned as a generational improvement in the history of decentralized ledger computing — and one that delivers 100 times more executional efficiency than the Ethereum Virtual Machine. This comes hot on the heels of the …
Decentralization / July 29, 2021
Jump Crypto replenishes funds from $320M Wormhole hack in largest-ever DeFi 'bailout'
On Thursday, Jump Crypto, a crypto venture capital firm that owns Certus One, the developer of the Wormhole token bridge, announced it had deposited 120 thousand Ether (ETH) into a Solana-Ethereum bridge that suffered a devastating exploit. The day prior, hackers fraudulently minted 120 thousand wrapped Ether (wETH) worth $321 million on the Solana (SOL) platform, then redeemed 93,750 wETH for ETH on the Ethereum network while swapping the rest for other altcoins on the Solana network. The cross-chain ETH-wETH is supposed to have an exchange ratio of 1:1 against one another. Therefore, unauthorized minting of wETH leads to significant …
Technology / Feb. 3, 2022
STEPN impersonators stealing users' seed phrases, warn security experts
Peckshield, a prominent blockchain security firm, exposed the existence of numerous phishing websites for the Web3 lifestyle app STEPN on Monday. Hackers insert a forged MetaMask browser plugin through which they can steal seed phrases from unsuspecting STEPN users, according to Peckshield. When these cybercriminals obtain the seed phrase, they gain complete control over the STEPN user's dashboard where they may connect their stolen wallets to their own or "claim" a giveaway as per Peckshield. #PeckShieldAlert #phishing PeckShield has detected a bath of @Stepnofficial phishing sites. They insert a false Metamask browser extension leading to stealing your seed phrase or …
Adoption / April 25, 2022
Report: GALA token exploit resulted from public leak of private key on GitHub
According to a new post by blockchain security firm SlowMist on Nov. 7, it appears that the last week’s token exploit affecting GameFi project Gala Games resulted from a public leak of applicable security keys on GitHub. As told by SlowMist, pNetwork, the cross-chain interoperability bridge used by Gala Games on the BNB Smart Chain, had three privileged roles in its smart contract pGALA. “The Admin role is used to manage upgrades and changes to the Admin address of the proxy contract. The DEFAULT_ADMIN_ROLE role is used to manage various privileged roles in the logic (eg: MINTER_ROLE ), and the …
Technology / Nov. 7, 2022