Beanstalk, Stablecoin protocol based on Ethereum loses around $182 million to hackers

Beanstalk, an Ethereum-based credit-focused stablecoin platform, was hacked early Sunday.



According to blockchain data from security firm PeckShield, the protocol lost around $182 million in various crypto assets.


Meanwhile, the hacker made off with $80 million thanks to Tornado Cash, a cryptocurrency mixer technology that allows for private transactions, according to PeckShield.


As of press time, the attacker had obtained 24,830 ETH, which was valued about $75.8 million. The remaining monies were taken in the form of drained liquidity linked to the protocol's governance token.



The exploiter appears to have used an accumulation of governance tokens gained through a flash loan to build a fraudulent protocol enhancement proposal to give funds held in Beanstalk to an address used to generate donations for the Ukrainian government.


According to the report, the attacker obtained a considerable amount of Beanstalk's native governance token, Stalk, by taking out a flash loan on lending platform Aave.


The attacker was able to quickly approve a malicious governance proposal that siphoned protocol assets into a private Ethereum wallet thanks to the voting power provided by these Stalk tokens.