What Happened

On January 28, 2022, Qubit Finance was exploited for approximately $80 million USD in crypto assets. It remains one of the largest DeFi hacks in history. No funds have ever been returned.


Qubit Finance was a DeFi lending protocol on Binance Smart Chain, built by the South Korean company Mound Inc. — the same team behind PancakeBunny, which had already been exploited for ~$45M in May 2021. Qubit was their second attempt.

The protocol included QBridge — a cross-chain bridge that let users deposit ETH on Ethereum and receive equivalent qXETH tokens on BSC, which could be used as collateral to borrow other assets.

Qubit Finance was explicitly endorsed by Binance and operated on the Binance Smart Chain.


QBridge had two ways to deposit ETH:

  • depositETH() — Correct function. Required actual ETH (msg.value > 0). Emitted a Deposit event.
  • deposit() — Designed for ERC-20 tokens. Called safeTransferFrom() on a token contract. Also emitted a Deposit event — the exact same event type.

The off-chain relayer that processed bridge events had no way to distinguish between the two.

Step 2 — The zero address was whitelisted

For ETH, since native ETH has no ERC-20 contract address, QBridge used the zero address (0x0000000000000000000000000000000000000000) as a placeholder. The zero address was added to the contract’s whitelist.

Step 3 — Calling an EOA silently succeeds

When deposit() was called with ETH’s resourceID, the contract resolved the token address to the zero address and called safeTransferFrom() on it.

In the EVM, calling any function on an address with no contract code (an EOA) silently succeeds — no revert, no error, no actual transfer. The zero address is an EOA. So safeTransferFrom() “succeeded,” nothing moved, and the contract emitted a Deposit event identical to a legitimate ETH deposit.

This EVM behavior had been documented in a 0x Protocol security update in 2019. The Qubit team either didn’t know about it, or ignored it.

Step 4 — The relayer minted real tokens on BSC

The relayer saw the Deposit event, had no way to know it was fake, and minted qXETH tokens on BSC for the attacker — backed by nothing.

The attacker repeated this process many times, accumulating a massive amount of fake qXETH.

Using fraudulently minted qXETH as collateral, the attacker borrowed approximately $80 million in real assets from Qubit Finance’s BSC lending pools: WETH, BTCB, BNB, MATIC, CAKE, BUSD, and more.

The lending contract correctly checked collateral value — but the fraud had already happened at the bridge level.
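
The following added example (not QBridge or relayer code from the project) shows one way a relayer can cross-check a Deposit event against the source transaction before minting: a native deposit must carry a matching msg.value, and a token deposit must target an address with code and show a matching Transfer log. The field names, the placeholder addresses and the assumption that deposits are direct calls to the bridge are all assumptions of this example.

```python
from dataclasses import dataclass, field

ZERO_ADDRESS = "0x" + "00" * 20  # QBridge's placeholder for native ETH, per the page

@dataclass
class Deposit:        # decoded Deposit event (field names are hypothetical)
    resource_id: str
    depositor: str
    amount: int

@dataclass
class TxContext:      # facts the relayer fetches from the source chain
    value: int        # wei sent with the tx (assumes a direct call to the bridge)
    transfers: list = field(default_factory=list)  # (token, from, to, amount) logs

def validate(dep, tx, resources, code_size, vault):
    """Return (ok, reason); mint on the destination chain only when ok is True."""
    token = resources.get(dep.resource_id)
    if token is None:
        return False, "unknown resourceID"
    if dep.amount <= 0:
        return False, "zero amount"
    if token == ZERO_ADDRESS:
        # Native ETH: the event is credible only if the ETH actually arrived.
        if tx.value != dep.amount:
            return False, "native deposit without matching msg.value"
        return True, "native ETH received"
    # ERC-20: a call to a codeless address succeeds without moving anything.
    if code_size.get(token, 0) == 0:
        return False, "token address has no code"
    if (token, dep.depositor, vault, dep.amount) not in tx.transfers:
        return False, "no matching Transfer log"
    return True, "ERC-20 transfer observed"

# Constructed sample data with placeholder addresses (not taken from the incident).
VAULT, USER, WETH = "0xVAULT", "0xUSER", "0xWETH"
RESOURCES = {"eth": ZERO_ADDRESS, "weth": WETH, "stale": "0xNOCODE"}
CODE_SIZE = {WETH: 2048}  # deployed code size per address; missing means no code

def run_samples():
    cases = {
        "real_eth": (Deposit("eth", USER, 10**18), TxContext(10**18)),
        "forged_eth": (Deposit("eth", USER, 10**18), TxContext(0)),
        "real_weth": (Deposit("weth", USER, 5), TxContext(0, [(WETH, USER, VAULT, 5)])),
        "codeless": (Deposit("stale", USER, 5), TxContext(0)),
    }
    return {name: validate(d, t, RESOURCES, CODE_SIZE, VAULT) for name, (d, t) in cases.items()}

if __name__ == "__main__":
    print(run_samples())
```

The `forged_eth` case mirrors the event described above: the resourceID resolves to the zero address, no ETH accompanies the call, and the check refuses to mint.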


Investigators found something that has never been explained.

Originally, the deposit() function with its resourceID was used for bridging WETH — a real ERC-20 token with a real contract address. This worked correctly.

At some point before the hack, an owner-only function was called to reassign the resourceID mapping — swapping WETH’s contract address for the zero address. This was the change that made the exploit possible.

Key facts:

  • Only the contract owner could make this change
  • There was no timelock — it took effect immediately
  • There was no public announcement
  • No explanation has ever been given

What Mound Inc. did after:

  • Offered the hacker $250,000 to return $80M (no response)
  • Claimed to file police reports — never provided case numbers
  • Removed victims from Telegram via moderator @moleh
  • CTO deleted his LinkedIn on February 1, 2022, four days post-hack
  • Did not contact Binance security or major exchanges to blacklist the hacker wallet
  • Did not respond to community members who came forward with information about the hacker

For a full record, see Team Response and Nine Unanswered Questions.


0xd01ae1a708614948b2b5e0b7ab5be6afa01325c7

| Asset | Approx. USD Value |
| --- | --- |
| WETH | ~$26.6M |
| BTCB | ~$15.3M |
| BNB | ~$9.5M |
| MATIC | ~$5.6M |
| CAKE | ~$8M |
| BUSD + other | ~$15M |
| Total | ~$80M |