$12 Million Hack in pNetwork Because of a Bug in DeFi

By Aleksandra Wilson
3 min read September 27, 2021

A bug in the DeFi (decentralized finance) protocol of pNetwork was exploited to steal crypto; this time, the theft amounted to $12.5 million. The hacker, who still hasn’t been identified, stole 277 wrapped Bitcoins. The info was disclosed on Sunday by pNetwork’s developer’s team. They informed through Twitter that the attack was made through a bug in the codebase of the protocol. The aforementioned bug was used to attack the tokens of pBTC, which are a wrapped Bitcoin version of pNetwork. The stored crypto was on BSC (Binance Smart Chain). They also let the users know that all the other funds in the network were safe.

One of the many decentralized finance applications on the market is wrapped assets. In the cryptocurrency industry,  there is a growing ecosystem called DeFi. That ecosystem offers a lot of the same services that traditionally one could find in a bank or brokerage. The main difference is that there are no centralized institutions.

What Is A Wrapped Asset?

In the case of Bitcoin, the users have to lock it up on its original blockchain and issue a “wrapped version” that is possible to process on different networks. That version tracks the original asset’s price while being compatible with other blockchains. 

The Solution From The pNetwork Team

On the website, pNetwork has around $190 million worth in different crypto, all locked in the cross-chain bridges of the protocol. Fortunately, most of the crypto in the network remained safe during the attack. Only the pBTC tokens on the Binance Smart Chain suffered from the hack. Not so long after they discovered what was going on, the group of developers declared that they had pinpointed the bug. The team also stated that they had already been working on a possible fix for it, and they were waiting for everyone to review it.

A Different Approach

Meanwhile, the developers offered the hacker a “clear” bounty of $1.5 million to return the stolen funds. It isn’t clear at this point if their appeal to the better nature of the hacker paid off or not. It is not clear whether the attacker even responded to their offer if it got rejected or simply ignored. They tried to approach the situation through a statement on their Twitter account. The message was directed to the hacker, calling him “the black hat hacker,” They were offering a bounty as high as $1,500,000 if he returned the funds.

The team reassured the users that they were already working to fix the problem for those who were affected. Again, the only users who suffered from the attack were the holders of pBTC on the Binance Smart Chain. No further statements have been made regarding the subject so far, except the reassurance that they will keep working on the matter.

Load more sync