Binance Smart Chain DeFi project Burgerswap hacked for $7 million

Binance Smart Chain DeFi project Burgerswap hacked for $7 million

[ad_1]

BurgerSwap, a decentralized finance (DeFi) platform based on smart contracts network Binance Smart Chain (BSC), fell victim to a so-called flash loan attack today, allowing the malicious actor to get away with roughly $7.2 million worth of tokens.

Another day, another DeFi hacked

“BurgerSwap Flash Loan Attack Details: At around 3 am on May 28th (UTC+8) #BurgerSwap on the BSC chain encountered a flash loan attack; $7.2M was stolen from #BurgerSwap in 14 transactions,” the project tweeted.

According to BurgerSwap, the hacker(s) created their own “fake coin”—which can be done by anyone on BSC—and used it to form a trading pair with the platform’s BURGER token.

“By adjusting the routing, the attacker created $BURGER -> Fake Coin -> $WBNB routing; through $BURGER -> Fake Coin trading pair, attacker re-entered  BurgerSwap through Fake Coin & manipulated a number of reserve0 and reserve1 in the pair’s contract, causing the price to change,” the developers explained.

Then, the attacker took a flash loan of 6,000 Binance Coin (BNB) from PancakeSwap, another BSC-based DeFi platform, and swapped the funds for 92,000 BURGER tokens. After that, they added 100 “fake tokens” and 45,000 BURGER to a liquidity pool and used it to exchange the “fake tokens” for 4,400 BNB.

“Because of reentrancy in time of transfer fake token, the attacker did another swap from 45k $BURGER to 4.4k $WBNB. In total attacker received 8,800 $WBNB in the two latest steps,” the platform noted, adding that the hacker then “Swapped 493 $WBNB to around $108,700 BURGER on BurgerSwap” and repaid the flash loan.

Flash boys

Overall, the attacker reportedly managed to steal 4,400 BNB (worth around $1.6 million), 22,000 BUSD and 1.4 million USDT stablecoins, 2.5 Ethereum ($6,800), 432,000 BURGER ($3.2 million), and 142,000 xBURGER ($1 million)—for a total of over $7.2 million.

As CryptoSlate previously reported, a similar attack was recently conducted on Pancake Bunny, yet another DeFi platform in the BSC ecosystem.

Following the exploit, the project’s BUNNY token plummeted, losing over 90% of its price, while the hacker nabbed approximately $45 million of tokens.

Get an edge on the cryptoasset market

Access more crypto insights and context in every article as a paid member of CryptoSlate Edge.

On-chain analysis

Price snapshots

More context

Join now for $19/month Explore all benefits

Like what you see? Subscribe for updates.



[ad_2]

Source link

This Post Has One Comment

  1. Blade Coles

    Diminutive Coin project is more than a year old with current market price of $1 and only 200,000 coins will ever be minted. Once people realize its true potential it can become next UNO or even BTC killer. If you are interested in this project join their official Discord server https://discord.gg/DvD7CC48TD.

Leave a Reply