Arbix Finance - REKT

Arbix Finance - REKT

read this article also in:

zh

New year, old news.

Rug pulls are common on Binance Smart Chain.

We’re only mentioning this one because it was larger than most.

~$10 million taken, and no advanced attack techniques in sight.

Arbix Finance labelled themselves as an arbitrage-focused project on BSC, in which users could deposit into single-asset vaults in order “to gain optimal yield with low risk”.

However, their users got the opposite.

Starting around 3 AM +UTC on Jan 4th, the project drained the vaults of users’ funds and deleted their website, Twitter and Telegram accounts.

Around $10M in user’s assets were drained directly from the vaults into this wallet, beginning with ~$1M in BTCB.

Also stolen were:

$920k Binance-pegged ETH

$2.25M in BSC-USD

$1.7M BUSD

$1.4M CAKE

$1M BSC-USDC

As well as lesser amounts of ADA, DOT, DOGE, LINK, XRP and WBNB.

In addition to the vault funds, on the 10th December this address minted 4.5M ARBX. Once the rug pull had begun, these tokens were dumped via PancakeSwap, tanking the price from $1.42 to ~$0.00. The ~$50k in proceeds were then sent to the main rug wallet.

Funds were sent from the BSC wallet: 0x4714a26e4e2e1334c80575332ec9eb043b61a2c4

To Ethereum: 0x4714a26e4e2e1334c80575332ec9eb043b61a2c4

And from there, converted into ~2.5k ETH (currently worth ~$9.9M), then sent to 0xdc85c1eb22b0ece7be559a83fd788fe57f5a7a9f.

Despite providing the project’s audit in November of last year, and marking all major or critical issues as resolved, Certik decided to publish a basic incident analysis.

However, the thread merely served to attract the attention of the frustrated users who had trusted Certik’s stamp of approval.

In 2021 we covered $2.1B in scams, hacks, and rug pulls.

Will we see more than that this year?

Vote now in our Telegram group.

share this article

REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.

donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C

disclaimer:

REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.

you might also like...

Tapioca DAO - Rekt

Tapioca DAO - REKT

Another day, another private key theft, another protocol rekt. Tapioca DAO on Arbitrum suffers a roughly $4.4 million loss in a private key compromise. Some funds have been recovered, though the full extent of the damage remains to be seen.

MORE

Radiant Capital - Rekt II

Radiant Capital - Fork - REKT

Radiant Capital gets a $53M haircut. Thought multi-sigs were safe? Think again. Radiant's "robust" 3/11 setup crumbled like a house of cards. Exploited twice in 2024, the future of Radiant looks about as bright as a black hole.

MORE

Surviving Digital Danger

Scams - Robbery - REKT

Think you've mastered the crypto minefield? Think again. Surviving Digital Danger - The rekt guide to turning paranoia into an art form. It's time to level up your crypto survival skills.

MORE