{"id":68425,"date":"2022-10-11T17:42:34","date_gmt":"2022-10-11T14:42:34","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=68425"},"modified":"2025-09-07T14:02:59","modified_gmt":"2025-09-07T11:02:59","slug":"unknown-attacker-drains-over-1-million-from-qanplatform-blockchain","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/unknown-attacker-drains-over-1-million-from-qanplatform-blockchain\/","title":{"rendered":"Unknown attacker drains over $1 million from QANplatform blockchain"},"content":{"rendered":"<p>An attacker hacked the cross-chain bridge smart contract of QANplatform and withdrew QANX tokens worth more than $1 million. The token price collapsed by almost 94%.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p dir=\"ltr\" lang=\"en\">The bridge smart contract that is offline was hacked and the attacker managed to withdraw tokens. <\/p>\n<p>Please don\u2019t perform any transactions related to the QANX token. <\/p>\n<p>We are investigating the issue and going to keep you updated.<\/p>\n<p>\u2014 QANplatform (@QANplatform) <a href=\"https:\/\/twitter.com\/QANplatform\/status\/1579759166478254080?ref_src=twsrc%5Etfw\">October 11, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>PeckShield specialists reported that the hacker swapped assets for about 3,090 BNB (~$0.8m) and ~256 ETH ($0.3m). He began transferring the funds to the Tornado Cash mixer.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p dir=\"ltr\" lang=\"en\"><a href=\"https:\/\/twitter.com\/hashtag\/PeckShieldAlert?src=hash&#038;ref_src=twsrc%5Etfw\">#PeckShieldAlert<\/a> The <a href=\"https:\/\/twitter.com\/QANplatform?ref_src=twsrc%5Etfw\">@QANplatform<\/a> exploiter has swapped tons of stolen <a href=\"https:\/\/twitter.com\/search?q=%24QANX&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$QANX<\/a> to ~3,090 <a href=\"https:\/\/twitter.com\/search?q=%24BNB&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$BNB<\/a> ($837.5k) and ~256 <a href=\"https:\/\/twitter.com\/search?q=%24ETH&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ETH<\/a> ($328k) and started to transfer to Mixer (Tornado Cash) <a href=\"https:\/\/t.co\/6Hn73CxJ5b\">https:\/\/t.co\/6Hn73CxJ5b<\/a> <a href=\"https:\/\/t.co\/CsiA9pBgwr\">pic.twitter.com\/CsiA9pBgwr<\/a><\/p>\n<p>\u2014 PeckShieldAlert (@PeckShieldAlert) <a href=\"https:\/\/twitter.com\/PeckShieldAlert\/status\/1579778378609360896?ref_src=twsrc%5Etfw\">October 11, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>BlockSec experts noted that the hacker exploited the Profanity vulnerability to create vanity addresses. A similar vulnerability was used to deploy the protocol.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p dir=\"ltr\" lang=\"en\">We confirmed that <a href=\"https:\/\/twitter.com\/QANplatform?ref_src=twsrc%5Etfw\">@QANplatform<\/a> deployer address (0x68e8198d5b3b3639372358542b92eb997c5c314a) are vulnerable to the profanity vulnerability. The private keys can be recovered. Multiple attackers have exploited this vulnerability. <a href=\"https:\/\/t.co\/wlq7ZlmF8I\">pic.twitter.com\/wlq7ZlmF8I<\/a><\/p>\n<p>\u2014 BlockSec (@BlockSecTeam) <a href=\"https:\/\/twitter.com\/BlockSecTeam\/status\/1579781207503802369?ref_src=twsrc%5Etfw\">October 11, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>BlockSec believes that this bug has been exploited by several attackers. Yet ParaSwap\u2019s team, for example, rejected such suspicions by cybersecurity experts from Supremacy.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p dir=\"ltr\" lang=\"en\">1\/ Hi <a href=\"https:\/\/twitter.com\/paraswap?ref_src=twsrc%5Etfw\">@paraswap<\/a>, I heard that you want to see this? your deployer address private key may have been compromised (possibly due to Profanity vulnerability) and funds have been stolen on multiple chains.<a href=\"https:\/\/t.co\/ijHaTwAj0l\">https:\/\/t.co\/ijHaTwAj0l<\/a><\/p>\n<p>\u2014 Supremacy Inc. (@Supremacy_CA) <a href=\"https:\/\/twitter.com\/Supremacy_CA\/status\/1579742626961850368?ref_src=twsrc%5Etfw\">October 11, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>QANplatform developers, after the incident, withdrew liquidity in QANX from decentralized exchanges Uniswap and PancakeSwap. They also paused trading and withdrawals on centralized platforms. According to <a href=\"https:\/\/www.coingecko.com\/en\/coins\/qanplatform\">CoinGecko<\/a>, the token is listed on BitMart, Gate.io and MEXC Global.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\" data-lang=\"en\">\n<p dir=\"ltr\" lang=\"en\">The trading, deposits and withdrawals on CEXes has been paused. The liquidity has been withdrawn from Uniswap and Pancakeswap to mitigate the losses of users and further draining of the liquidity pool.<\/p>\n<p>\u2014 QANplatform (@QANplatform) <a href=\"https:\/\/twitter.com\/QANplatform\/status\/1579770352263364608?ref_src=twsrc%5Etfw\">October 11, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The QANX price plummeted by almost 94%, to around $0.0007. The token\u2019s market capitalization stands at around $1.6 million.<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh5.googleusercontent.com\/K-J5cLs6aJs-3v0wmkZk6YvIN_zsmxAw8HXDoiagQDM6Blg5SJ6qf46YDE_uZazj58iT7QDZy9otptJtx141qXqn7WogCYpdKFgPq_Jvp5FxAjeMlftjBgSLETpiEpnEt1Zvgn_elOByOUbIZQvOirvXPrTTJXXCAezbl-cSAybKGlSgG2zL4Fwtmw\" alt=\"Unknown attacker drained over $1 million from QANplatform blockchain\"\/><figcaption>Data: CoinGecko.<\/figcaption><\/figure>\n<p>In Q3 2022, losses across the <a href=\"https:\/\/u1f987.com\/en\/news\/what-is-web3\">Web3<\/a> ecosystem from hacks and fraud amounted to $428.7m.<\/p>\n<p>From the total, $399m was due to hacker attacks. The bulk of losses is tied to two incidents \u2014 cross-chain protocol <a href=\"https:\/\/u1f987.com\/en\/news\/nomad-offers-hackers-90-of-stolen-funds-to-return-assets\">Nomad ($190m)<\/a> and market maker <a href=\"https:\/\/u1f987.com\/en\/news\/hackers-stole-160-million-from-wintermute\">Wintermute ($160m)<\/a>.<\/p>\n<p>Follow ForkLog&#8217;s bitcoin news on our <a href=\"https:\/\/telegram.me\/forklog\" target=\"_blank\" rel=\"nofollow noopener\">Telegram<\/a> \u2014 crypto news, prices and analytics.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\" data-lang=\"en\">\n<p dir=\"ltr\" lang=\"en\">The trading, deposits and withdrawals on CEXes has been paused. The liquidity has been withdrawn from Uniswap and Pancakeswap to mitigate the losses of users and further draining of the liquidity pool.<\/p>\n<p>\u2014 QANplatform (@QANplatform) <a href=\"https:\/\/twitter.com\/QANplatform\/status\/1579770352263364608?ref_src=twsrc%5Etfw\">October 11, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The QANX price plummeted by almost 94%, down to $0.0007. The token\u2019s market capitalization stands at about $1.6 million.<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh5.googleusercontent.com\/K-J5cLs6aJs-3v0wmkZk6YvIN_zsmxAw8HXDoiagQDM6Blg5SJ6qf46YDE_uZazj58iT7QDZy9otptJtx141qXqn7WogCYpdKFgPq_Jvp5FxAjeMlftjBgSLETpiEpnEt1Zvgn_elOByOUbIZQvOirvXPrTTJXXCAezbl-cSAybKGlSgG2zL4Fwtmw\" alt=\"Unknown attacker drained over $1 million from QANplatform blockchain\"\/><figcaption>Data: CoinGecko.<\/figcaption><\/figure>\n<p>In Q3 2022, losses across the Web3 ecosystem from hacks and fraud amounted to $428.7m. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>An attacker hacked the cross-chain bridge contract of QANplatform and withdrew QANX tokens worth more than $1 million. The token price collapsed by almost 94%.<\/p>\n","protected":false},"author":1,"featured_media":68426,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154],"class_list":["post-68425","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes"],"aioseo_notices":[],"amp_enabled":true,"views":"18","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/68425","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=68425"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/68425\/revisions"}],"predecessor-version":[{"id":68427,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/68425\/revisions\/68427"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/68426"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=68425"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=68425"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=68425"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}