Qubit Finance
A BNB Chain lending protocol whose QBridge was exploited for about $80M on January 27, 2022. A logic flaw let an attacker mint unlimited 'qXETH' collateral without depositing any ETH, then borrow out the protocol's assets. Chainalysis later assessed it was likely North Korea-linked.
Also known as: Qubit Finance, QBridge, QBT
Summary
Qubit Finance was a South Korea-based DeFi lending protocol on BNB Chain that ran a cross-chain bridge, QBridge. On January 27, 2022, an attacker exploited a logic error in QBridge's deposit handling — a deprecated deposit function plus a custom transfer that did not revert on the zero address — to mint large amounts of "qXETH" (representing bridged ETH) without depositing any real ETH, then used it as collateral to borrow out roughly $80 million in assets. [1][2]
Attribution
The exploit drained essentially all of the protocol's holdings, making it one of the largest DeFi thefts of early 2022. Chainalysis later assessed that the attack was likely the work of North Korea-linked hackers, who bridged and mixed the proceeds in a now-familiar laundering pattern. [1][2]
Bracketed numbers refer to the numbered sources listed below.
Linked scams & cases
People & entities involved
Sources (2)
See also
- Loci (LOCIcoin)TokensA 2017–2018 ICO for 'LOCIcoin' tied to the InnVenn IP-search platform. The SEC charged Loci and CEO John Wise with fraud for raising $7.6M on false claims about revenue, headcount, and user base; Wise also misused investor funds. Settled with a $7.6M penalty and an officer/director bar.
- Blockchain Terminal (BCT)TokensA 2017–2018 ICO (BCT tokens, ~$30M) for a 'Blockchain Terminal' — a Bloomberg-style crypto trading terminal. The SEC and DOJ said convicted ex-hedge-funder Boaz Manor secretly ran it under a fake identity ('Shaun MacDonald'), using associate Edith Pardo as a front, and lied about the product's adoption.
- Crowd Machine (CMCT)Tokens
This page was last updated on Jun 8, 2026. View revision history.