Skip to content

A DeFi exploit has wiped out $31 million in Ankr tokens, rendering them useless

A security researcher has discovered a devious exploit that has siphoned over $31 million worth of Ankr tokens, rendering them useless.

Photo by Nahel Abdul Hadi / Unsplash

DeFi, or decentralized finance, refers to a class of tokens designed to facilitate the use of cryptocurrencies in financial markets. While there has been a growing demand for these products, they also present several risks regarding security and stability.

Hackers used the exploit to drain the reserves of Ankr and then transfer those funds into their wallets. This could be done through phishing or other methods. The hacker also used this method to steal another $12 million tokens from another exchange called EtherDelta.

Ankr is an open-source, decentralized finance protocol based on Ethereum blockchain technology powered by its native token (ANKR). It uses a hybrid PoW/PoS consensus mechanism with incentives for staking nodes called 'TREES' (Trustless Reward Engine). TREESs are generated using PoW mining but can be converted into ANKRs at any time using TREE-to-ANKR conversion smart contracts deployed across multiple blockchains, including Ethereum mainnet plus Polkadot [POD] network.

The Ankr token price plummeted after the exploit was revealed to the public.

The Ankr token price plummeted after the exploit was revealed to the public. The cryptocurrency dropped from $0.10 to $0.00 before recovering slightly and then falling again to $0.05 on Thursday morning before recovering further during trading hours on Friday morning.

This will likely be followed by another drop in price due to market volatility as investors become aware that they have lost money through no fault of their own. Still, these losses will likely be recovered over time as more rational investors enter into a position that allows them to profit from an arbitrage opportunity between two different prices for this asset (the current one being exorbitantly high compared with its intrinsic value).

The gas price increased by 1,000% to stop the exploit.

The gas price increased by 1,000% to stop the exploit.

The gas price is the cost of using the Ethereum network. It's determined by miners and reflects how much work they would like you to do before they let your transaction go through. The more expensive it is, the less likely someone will want to participate in your transaction (and thus make money). In this case, it went from 0.5 GWEI (gas used when making a call on an app) up to 5 GWEI (which means that someone who wanted their contract executed would have had to pay five times more).

Projects with aggressive marketing strategies for their DeFi products should slow down and ensure their products are secure before release.

An important step toward building secure products is using frameworks, systems architecture, and programming languages that encourage good security practices. The best way to ensure your product is secure is by building it with a secure development framework and system architecture.

For example, suppose you are building an app that uses Ethereum for its smart contract layer or on-chain computation operations. In that case, it's important to ensure that your code is written in such a way as not only prevents bugs but also provides reasonable security guarantees against attack vectors like remote code execution or CVE-2019-0708 (Ethereum). This can be done by using libraries such as Truffle, which have been tested against these attacks (as well as many others).


The Ankr protocol is a promising DeFi project that has the potential to revolutionize the way we store data on the blockchain. But it's important to remember that even if you're using a secure, reliable system, there is still a risk of attack. The most important thing to do is make sure your token makes it easy for users to withdraw their funds if something goes wrong.