DeFi Protocol Qubit Finance Latest Target of Hack, Loses Around $80m

It’s a new week and we’ve got news for yet another hack in the DeFi world – this time on Qubit Protocol. The DeFi project which runs on Ethereum and Binance Smart Chain suffered a hack on their QBridge deposit function, causing a loss of $80 million.

The hack, which was initially discovered and revealed by a Twitter user who noticed suspicious withdrawal activity on BSCScan, was later confirmed by PeckShield and Certik. Attackers exploited a vulnerability in Qubit Finance’s bridge contract, QBridge, and camped off with with over 77,000 qxETH – the collateral held by the DeFi project.

The hack was discovered close to midnight on January 27 and a few hours later was confirmed by developers from the Qubit Team. According to their analysis, “In summary, the deposit function was a function that should not be used after deposit ETH was newly developed, but it remained in the contract.”

Nearly three days after the incident, the hacker is yet to be caught, although Qubit has confirmed that it is closely monitoring transaction activity on wallets associated with the attack. The DeFi protocol has requested assistance from Binance in coming up with a way to resolve the hack and move forward.

In addition, its team of developers have also announced a $250k bounty in case the hacker returns the stolen funds. Unfortunately, this is not the first time Qubit Finance has been in the news due to a hack. In 2021, they also suffered losses when PancakeBunny suffered flash loan attacks.