Cyber Incident Victim: Maiar
Date:
Jun 2022
Location:
Romania
Summary
Hackers exploited a vulnerability in the decentralized exchange Maiar, stealing approximately $113 million worth of its native EGLD tokens and causing the token's price to plummet from $76 to $5 during the incident. The attackers utilized three wallets to drain funds and sold a significant portion of the stolen assets before the platform was taken offline for emergency maintenance. The exchange's team patched the bug and claimed most stolen funds were either recovered or would be fully covered by the Elrond Foundation, with operations set to resume after price stabilization. This breach highlights ongoing security challenges in decentralized exchanges reliant on smart contracts and liquidity pools.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On June 5, 2022, Maiar, a decentralized exchange operating on the Elrond blockchain, experienced a security breach resulting in substantial financial losses. The incident began when suspicious activities were detected on the platform, prompting founder and CEO Beniamin Mincu to announce an investigation via Twitter. Hackers exploited a previously unidentified bug in the exchange’s systems, enabling them to drain approximately 1,650,000 EGLD tokens—the native cryptocurrency of the Elrond network—valued at $113 million at the time of theft. The attackers utilized three separate wallets to execute the theft and subsequently sold 800,000 of the stolen tokens on the exchange. This mass selling caused EGLD’s price on Maiar to plummet from $76 to $5 within a short timeframe, creating significant market disruption. Upon discovering the breach, the Maiar development team immediately took the exchange offline, citing "scheduled maintenance" on its website interface. Mincu confirmed the platform’s suspension was a direct containment measure following the exploit’s identification.
The response phase involved technical remediation and financial recovery efforts coordinated by the Elrond Foundation. Developers patched the exploited vulnerability and initiated two separate mainnet upgrades—substantial updates to the underlying blockchain infrastructure—to address systemic weaknesses. Blockchain staking provider Everstake confirmed implementing these updates across its nodes on June 7. Mincu asserted that "most exploited funds" had been fully recovered or would be covered by the foundation, guaranteeing user fund availability upon platform restart. The exchange’s relaunch depended on price stabilization, with swaps scheduled to resume only after Maiar’s EGLD price realigned with Binance’s market rate of $67.72. While the exact recovery mechanism for stolen assets remained undisclosed, the incident’s financial impact extended beyond direct theft to include secondary market effects from the token’s devaluation. This breach contributed to the broader pattern of cryptocurrency thefts in 2022, which had reached $1.6 billion in cumulative losses according to contemporary industry reports.