DeFi Protocol Ankr Says Ex-Employee Caused $5M Exploit

A former employee of decentralized finance (DeFi) protocol Ankr maliciously caused a $5 million exploit earlier this month, according to a statement published on Ankr's website.

The ex-employee inserted a malicious code package to conduct a supply chain attack, which allowed a user to mint 6 quadrillion aBNBc tokens, the company said. The attacker then converted those minted tokens for Binance Coin (BNB) before sending the ill-gotten gains to crypto mixer Tornado Cash. They eventually managed to swap the BNB tokens for 5 million USDC.

"We are in the process of working with law enforcement to prosecute the former team member and bring them to justice," Ankr said in the statement.

Following the exploit, Ankr reimbursed impacted aBNBc or aBNBb token holders by airdropping ankrBNB and also airdropped BNB to all affected DeFi liquidity providers.