Ankr has extensively examined the facts and taken actions to avoid any attacks like the one that occurred on December 1st using the aBNBc token. This was done after recovering security and addressing the events that occurred as a result of the exploit. In an official statement, Ankr said that it is proud of the way the Ankr team dealt with the crisis at every turn and did the right thing by taking care of the Ankr community, regardless of how much damage may have been caused.
Following the aBNBc token hack, Ankr worked promptly to restore security and collaborated with DEXes to halt trade. The platform also developed and implemented a comprehensive recovery plan for the Ankr community, and also discovered who was responsible for the attack. Ankr said that it is currently working with law enforcement authorities to take appropriate legal action.
The Cause Of The Exploit & Ankr’s Response
A member of the Ankr team who is no longer employed by Ankr acted maliciously to carry out a supply chain attack by adding a malicious code package that was capable of compromising Ankr’s private key after a legitimate update was applied. The platform is currently coordinating its efforts with law enforcement to bring this former member of the team to justice and to prosecute them for their actions.
Unfortunately, it has been witnessed over the years that rogue actors from within an organization can disrupt any protocol, and as a result, Ankr is now trying to improve the HR processes and safety measures within the organization in order to bolster Ankr’s security posture moving ahead. Ankr implemented the following steps right after the attack:
1. Instant Action Taken To Mitigate The Attack
Right away, Ankr took a number of measures to mitigate any potential fallout from the vulnerability. Ankr informed the general public about the vulnerability and began carrying out preparations to remedy the problem as quickly as was humanly possible. After that, it notified any known off-ramps so that they could put their emergency preparations into action and suspend trading.
Additionally, Ankr protected the smart contracts by adding a new key, which made it impossible for any additional alterations to be made. After that, the platform upgraded its smart contracts and other mechanisms so that it could temporarily halt the transfer of the underlying collateral (BNB) within its liquid staking product so that it could remain secure.
2. Established A Recovery Plan
Ankr has begun compensating its consumers for the full extent of any damages they have sustained as a direct result of the exploit by taking a number of steps. The team was able to discover every holder of an aBNBc token in only 10 seconds by using Ankr’s very own Advanced API Tool.
This was a process that would have taken many hours to complete if the usual query methods had been utilized on a dedicated node. The Ankr team took a snapshot to establish which users were impacted, developed a replacement token called ankrBNB, airdropped that token to holders who were impacted, and devised a method to compensate the majority of those customers.
3. Reimbursed Ankr’s Community
Ankr is a Web3-native organization that has a community that is exceptionally powerful. The platform needed to do the right thing and refund any token holders who were negatively impacted so that it could keep this reputation intact. Therefore, Ankr repaired the harm to Helio (the platform that aBNBc uses for borrowing) by re-stabilizing HAY Price.
If the token is allowed to remain unpegged, Ankr will keep buying HAY even after all of the funds have been spent. In addition, Ankr airdropped ankrBNB tokens to holders of affected aBNBc or aBNBb tokens. Additionally, it airdropped BNB to all of the affected DeFi liquidity providers. Ankr came to an agreement to reimburse Wombat stkBNB LPs, and it planned to give complete coverage for BNB Wombat LPs.
New Improvements To Enhance Ankr’s Security
Ankr is now in the process of putting various improvements to its security posture into action. The following are some major additions to the reinforcements:
1. Requiring Multi-sig Authentication & Timelocks For All Updates
The vulnerability in Ankr’s developer key made the exploit viable in part due to the fact that there was only one probable point of failure. Ankr is going to introduce multi-sig authentication for updates, which will require signoff from all key custodians at time-restricted intervals. This will make it extremely difficult, if not impossible, for an attack of this type to occur in the future. The new ankrBNB contract and all Ankr tokens will both have their levels of security increased as a result of these features.
2. Revamping Internal Security Measures
Ankr will now need more stringent background checks for all employees, including independent contractors and people working remotely, in addition to taking further steps to verify the legal standing of those who are already employed by the company. Additionally, Ankr is conducting a review of access privileges and is taking additional precautions to restrict access to any sensitive systems.
3. Implementing New Monitoring & Notification Systems
The Ankr team was able to stop the attack at breakneck speed, but there is always room for improvement in how quickly Ankr can react in the future. The platform is in the process of creating new notification systems that will alert important staff to ensure that they are online as quickly as possible at any time of the day.
4. Refining Procedures For Working with DeFi protocols
Now that Ankr has gone through the experience of collaborating with teams from other protocols after an issue, it is capable of improving the process with a paradigm that has been formed for dealing with international teams through expedited communication channels.
The Way Forward
Despite the fact that Ankr has already done a reasonably good job of handling the situation, the platform is currently working to ensure that all loose ends are tied and that all impacted users have been reimbursed for their losses. Ankr’s objective is to answer every question that has been raised as a result of the exploit, and doing so will take some time. Ankr, which is designed to be user-friendly, places a high priority on the safety of its users, and the platform has made a commitment to proactively resolving the issue and preventing such situations in the future.
