An attacker exploited Qubit Finance's QBridge protocol on January 27, 2022, draining roughly $77 million to $80 million in assets by minting qXETH without depositing corresponding ETH. The source attributes the failure to QBridge deposit logic that accepted malicious data and allowed address(0) to pass checks, so safeTransferFrom did not revert as expected. The attacker used the minted qXETH to borrow and swap tokens into BNB through PancakeSwap, while Qubit disabled core lending and bridge functions, offered a $2 million bounty, and worked with partners to trace the funds.