Decentralized finance (DeFi) lending protocol bZx was compromised for $55 million today, in what is becoming a recurring theme.
According to a tweet from the protocol today, the private key controlling the project’s deployment on Polygon and Binance Smart Chain (BSC) was compromised earlier in the day.
Blockchain security outfit SlowMist issued an alert stating that over $55 million was siphoned from the project by suspected attackers.
As of the time of writing, these funds are domiciled in seven separate addresses believed to be controlled by the hacker. According to the breakdown by SlowMist, the address with the most funds holds about $18.4 million, with other addresses having balances of $6 million, $13.8 million, $15.5 million, and $697.
The bZx team has advised yield farmers who have interacted with the protocol on the Polygon and BSC chains to revoke such approvals as quickly as possible.
The DeFi lending protocol also stated that the bZx’s smart contract was not affected by the private key leak. Also, with the project’s Ethereum deployment under the governance of a decentralized autonomous organization (DAO), funds on that particular chain are also reportedly safe from the incident.
bZx has suffered attacks on three other occasions, losing over $8 million in the most recent exploit, which took place in September 2020.