Belt Finance Loses $6.23M in Another Exploit of a Binance Smart Chain DeFi Protocol

Belt Finance, a platform that provides automated market making for decentralized finance (DeFi), was hacked Saturday in a flash loan attack that resulted in the loss of $6.23 million.

  • It’s the latest attack on a DeFi protocol built on Binance Smart Chain, one of the so-called Ethereum killers that’s built by centralized crypto exchange giant Binance.
  • In a blog post, Belt Finance said the attacker created a smart contract that used PancakeSwap for flash loans and exploited its beltBUSD pool and its strategy protocols and then proceeded to execute the contract eight times for a total profit of 6,234,753 BUSD (US $6.23 million).
  • beltBUSD vault users suffered a 21.36% loss of funds, while 4Belt pool users lost 5.51%, the protocol said. No other pools/vaults were affected.
  • The protocol said it paused withdrawals and deposits as soon as it were aware of the attack and that the vulnerability that allowed the attack to occur has been patched.
  • In its blog post dated yesterday, Belt Finance said withdrawals and deposits would resume sometime in the next 24 to 48 hours and that it’s working on a “compensation plan” that will be released in next 48 hours.
Read more: bEarn Fi Loses $11M in Latest Exploit of a Binance Smart Chain DeFi Protocol