Finance
Share this article

DeFi Protocol Ankr Says Ex-Employee Caused $5M Exploit

The company is working with law enforcement to prosecute the attacker.

By Oliver Knight
Updated May 9, 2023, 4:04 a.m. Published Dec 21, 2022, 3:56 p.m.
(Towfiqu Barbhuiya/Unsplash)
(Towfiqu Barbhuiya/Unsplash)

A former employee of decentralized finance (DeFi) protocol Ankr maliciously caused a $5 million exploit earlier this month, according to a statement published on Ankr's website.

The ex-employee inserted a malicious code package to conduct a supply chain attack, which allowed a user to mint 6 quadrillion aBNBc tokens, the company said. The attacker then converted those minted tokens for Binance Coin (BNB) before sending the ill-gotten gains to crypto mixer Tornado Cash. They eventually managed to swap the BNB tokens for 5 million USDC.

STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy.

"We are in the process of working with law enforcement to prosecute the former team member and bring them to justice," Ankr said in the statement.

Following the exploit, Ankr reimbursed impacted aBNBc or aBNBb token holders by airdropping ankrBNB and also airdropped BNB to all affected DeFi liquidity providers.

AnkrDeFiExploit

More For You

Protocol Research: GoPlus Security

By CoinDesk Research
Nov 14, 2025
Commissioned byGoPlus
GP Basic Image

What to know:

  • As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
  • GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
  • Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
View Full Report

More For You

USDC Issuer Circle Secures Abu Dhabi's ADGM License in Middle East Expansion

By Krisztian Sandor, AI Boost|Edited by Nikhilesh De
7 hours ago
Jeremy Allaire, Co-Founder, Chairman and CEO, Circle Speaks at Hong Kong Fintech Week in 2024 (HK Fintech Week)

The license allows Circle to expand USDC payment and settlement tools across the United Arab Emirates.

What to know:

  • Circle has obtained a Financial Services Permission license from Abu Dhabi Global Market, allowing it to operate as a Money Services Provider in the UAE.
  • The stablecoin issuer has appointed Dr. Saeeda Jaffar, former manager at payments firm Visa.
  • The approval comes as part of the UAE's emergence as a global hub for regulated digital assets, following similar licenses granted to Binance.
Read full story