The decentralized hub of the Polkadot ecosystem, Acala, has suffered a major security breach, leading to its native stablecoin, aUSD, losing parity with the dollar and plummeting by more than 50%.
Acala Exploited to Mint 1.3 Billion Tokens
On Sunday, August 14, hackers exploited a bug in a newly-deployed iBTC/AUSD liquidity pool of Acala and minted 1.28 billion tokens.
After realizing the network had been exploited, the Acala team disabled the transfer functionality of the “erroneously minted aUSD” still on the Acala parachain.
The action from the Acala team was unable to stop the aUSD from losing the 1:1 peg it had held with the U.S. Dollar since February when it launched.
Another Free For all Exploit
A wallet address identified to belong to the hacker still holds approximately 1.27 billion aUSD. The hacker allegedly swapped a small fraction of the stablecoins for Acala’s native token ACA and four other tokens.
However, on-chain autopsies revealed that other people took advantage of the bug to steal thousands of dollars worth of DOT from the liquidity pool.
With people joining in, the Acala hack now resembles the free-for-all Nomad exploits, which saw over $190 million stolen from the decentralized finance (DeFi) protocol.
On the Flipside
- Acala Dollar (aUSD) is now fighting to recover its dollar peg and has gained 9% in the last 24 hours to trade at $0.923.
The 2D price chart for Acala Dollar (aUSD). Source: CoinMarketCap
Why You Should Care
The de-pegging of aUSD adds more pressure on stablecoins in a year when UST, USDT, USDC, DAI, and a couple of others have at a point lost their USD peg.
Read about the Nomad hack in:
Find more info on the Solana-based stablecoin to lose its peg below:
The increasing attack on stablecoins has led to: