Ankr says ex-employee caused $5M exploit, vows to improve security
The team has alerted relevant authorities and is seeking to prosecute the attacker while also shoring up its security practices.
![](data:image/svg+xml;utf-8,<svg xmlns="http://www.w3.org/2000/svg" width="680" height="384" />)
A $5 million hack of Ankr protocol on Dec. 1 was caused by a former team member, according to a Dec. 20 announcement from the Ankr team.
The ex-employee conducted a “supply chain attack” by putting malicious code into a package of future updates to the team’s internal software. Once this software was updated, the malicious code created a security vulnerability that allowed the attacker to steal the team’s deployer key from the company’s server.
4 comments