Top Crypto Infinite Mint Hacks
Infinite mint hacks are responsible for over 30% of hacks on cryptocurrencies. Over $500 million dollars have been lost to hackers through infinite mint hacks.
- Infinite mint hack involves hackers minting tokens in large quantities.
- Bugs in smart contract codes create loopholes that attackers use as a backdoor to perpetrate hacks.
- Auditing a smart contract does not make it 100% free from infinite mint hacks. It just makes it less prone to attacks.
- BNB bridge, wormhole and ankr are among the list of projects affected by infinite mint hacks.
What Is An Infinite Mint Hack?
Infinite mint hacks are one of the threats facing cryptocurrencies. An infinite mint hack occurs when a hacker attacks a protocol and mints tokens in large quantities. The minted tokens are then dumped in the crypto market. What follows next is simple economics: oversupply leads to a fall in price of the token.
How Is An Infinite Mint Hack Done?
The hacker exploits an error or bug in the protocol's smart contract and triggers it. This error or bug allows the excessive minting of tokens without collaterals. When the desired amount of tokens have been minted, the hacker floods the market with them by swapping them for other tokens.
The minting is done at high speed to enable the hacker to quickly do away with the tokens and cash out.
The sole reason why infinite mint hacks succeed is because the attacked smart contract contains bugs. Bugs in smart contract codes create loopholes that attackers use as a backdoor to perpetrate hacks.
Due to the nature of smart contracts as automatic business transactors that are programmed and codified, a transaction, once initiated, cannot be stopped. This allows hackers to mint the tokens in excessive quantities. And this is no fault of the smart contract. It is only doing what it has been programmed to do. The fault lies with the developers who developed the smart contract.
How To Prevent Infinite Mint Hacks
Since the problem originates from smart contract bugs, then the way to prevent infinite mint hacks is to ensure that the smart contracts are bug-free. To do this, a smart contract audit is necessary.
Developers of smart contracts must seek the services of reputable smart contract auditing firms. These firms, with the aid of expert auditors and auditing tools, seek and discover flaws in the smart contract codes. The auditing firm carries out a series of checks and files reports to the developer. The reports show the mistakes that need to be rectified. This ensures that the smart contract is safe and free from bugs.
However, auditing a smart contract does not make it 100% free from hacks. It just makes it less prone to attacks.
Top Crypto Infinite Mint Hacks
Infinite mint hacks have led to loss of millions of dollars. Here is a list of the infinite hacks that led to the most losses.
The BNB infinite mint hack occurred on the 26th of October, 2022.
BNB bridge allows investors transfer assets from Binance Beacon Chain to the BSC. Hackers exploited a big in the bridge and we're able to mint $BNB directly into their wallets. The amount of token minted was 2 million $BNB which was worth $586 million.
The hackers chose not to swap the token which would have moved the tokens away from Binance. Rather they deposited the $BNB as collateral and attempted to borrow funds to be moved to other networks. Binance validators prevented the attack. The Binance Smart Chain had to be temporarily deactivated due to the attack.
Wormhole serves as a bridge connecting Solana and other networks. Users can transfer their assets through the bridge.
On the 22nd of February, an attacker bypassed security checks in the bridge, and exploited a code bug. The hacker then minted 120 thousand $ETH on Solana and with the aid of the bridge, transferred them to Ethereum. The loss was estimated to be $326 Million. The hack is one of the most infamous hacks of all time.
The Polkadot-based dApp was attacked by a hacker who got access to the network's private keys then used the key to change smart contract codes. The new code allowed the burning and minting of new $PAID. The destruction of lod tokens meant the new tokens were under the hacker's control.
The attack led to the loss of $180 million. The price of PAID also fell by 85% due to inflation in the token's supply.
A total of 59,471,745.571 $PAID tokens were minted. Before the PAID team could stop the hacker, 2,501,203 had already been converted to ETH with a value of over $3 million
The attack led to speculations that the hack was a rug pull and not a hack. But PAID network's reimbursement of users has knocked the speculations away.
The hack occurred on January 27 and led to a loss of $80 million.
QBridge is a bridge that facilitates crypto exchange between Ethereum and Binance Smart Chain. The exploit was as a result of a bug that allowed the hacker mint wrapped ether tokens on BSC without depositing funds on Ethereum . A total of 206,809 coins were stolen. The hack ranks as the seventh largest DeFi hack.
Cashio is a DeFi application that operates on the Solana blockchain. It gives users access to mint $CASH, a stablecoin pegged to the USD. Users provide collaterals in form of other tokens and are permitted to mint the stablecoin.
The hacker discovered a bug that allowed the minting of an infinite amount of CASH without having to tender a collateral. Thus, the attacker was able to mint two billion CASH stablecoins which were swapped for other assets through Saber. This attack led to the total loss of Cashier's TVL. It was estimated to be $48 million
COVER is a DeFi service provider app. On the 28th of December, 2022, an anonymous hacker manipulated a bug in COVER's code and was able to mint a total of 12 quintillion COVER tokens. The hacker dumped $5 million worth of COVER tokens in the market and this led to the cryptocurrency's 92% fall in price.
Ankr is a network that offers proof-of-stake services by letting users stake their tokens easily without having to buy the necessary hardware.
The DeFi platform was hacked in December, 2022. The attacker gained access to the developer's private keys and upgraded the smart contract. This upgrade gave the hacker the privilege to mint tokens. 6 quadrillion of aBNBc tokens were minted. The hacker then converted them into around 5 million USDC.
The attack led to the halt in ANKR withdrawal on Binance.
The loss was estimated to be $5 million.
Infinite Mint Hacks have made investors lose precious assets to hackers. The only known prevention is Smart contracts auditing which is not a guarantee of protection. This means blockchains have to find ways to beef up their security in a way that bugs will not have huge impacts on the running of the smart contracts. Failure to do this will only ensure that hackers have more bugs to exploit and more assets to steal. The end result will not be feasible for the investors who seek a safe haven for their hard-earned money.
Pontem Network is a product development studio developing the next generation of dApps for the Aptos ecosystem in order to accelerate global adoption for both customers and institutions.
Pontem also created a fork of the Diem Move Virtual Machine that is easily deployable to other current chains such as Polkadot, Avalanche, Cosmos, and others.
Aptos, a Layer 1 POS network with over 100 apps developed on it, was established by Mo Shaikh and Avery Ching with the goal of creating the most secure and scalable blockchain possible. After a series of testnets were released at the beginning of the year, the mainnet went live on October 19, 2022.
For application development, the Aptos blockchain employs the Move programming language and the Move VM, both of which were built and optimized for blockchain use cases. The language was created with scalability and security in mind.
Aptos blockchain is a Proof of Stake network with low latency Byzantine Fault Tolerant (BFT) technology. When a node or set of nodes behaves maliciously, the BFT mechanism prevents network failure.
For more details of what Pontem is supporting the Aptos ecosystem, visit their website.