Acala developers said the bug was caused by a misconfiguration of the iBTC/aUSD liquidity pool shortly after it went live on Sunday. Aliquidity poolis a digital pile of cryptocurrency locked in a smart contract, which results in creating liquidity for faster transactions on decentralized exchanges (DEXs) and DeFi protocols.

After noticing the exploit, the Acala team disabled the transfer functionality of the “erroneously minted aUSD” remaining on the Acala parachain. Parachains refer to custom, project-specific blockchains that are integrated within the Polkadot (DOT) and Kusama (KSM) networks and can be customized for any number of use cases.

Awalletbelieved to belong to the attacker still contains approximately 1.27 billion aUSD. Acala has asked white-hat hackers to return the stolen funds toPolkadot or Moonbeam addresses.

On-chain sleuths havepointed outthat the attacker who minted 1.28 billion aUSD was not the only person to take advantage of the bug – several other users allegedly stole thousands of dollars worth of DOT from the liquidity pool.

Launchedearlier this year, aUSD successfully held its soft peg to the U.S. dollar until the hack. After the attack, the price of aUSD plunged from roughly $1.03 per token to $0.009.

Acala developers said Sunday night that would continue to trace the on-chain activity to resolve the error mint of aUSD and try to restore aUSD peg.

Acala did not return requests for comments at press time.