Bitcoin News and Finance Flash Loan Attacks Drain 2 Binance Smart Chain Defi Projects for $6 Million Skip to main content

Flash Loan Attacks Drain 2 Binance Smart Chain Defi Projects for $6 Million

Flash Loan Attacks Drain 2 Binance Smart Chain Defi Projects for $6 Million

There have been two back-to-back flash loan attacks in a short period of time stemming from two unique Binance Smart Chain decentralized finance (defi) projects. Last Wednesday, the yield-farming platform Pancakebunny lost close to $3 million in a flash loan attack according to reports. The following Sunday, Bogged Finance saw $3 million exploited from a flash loan attack.

Pancakebunny Gets Hit by a Flash Loan Attack – $3 Million Drained

Ever since hackers leveraged flash loans to attack the defi margin trading protocol Bzx, flash loans have been a common attack in the defi world. Flash loans are a type of scheme that allows the issuance of loans within a single transaction or attack. Besides average people leveraging the flash loan construct for fun, malicious actors have found attack parameters in order to drain funds from defi projects.

This past week between a five-day period, there were two flash loan attacks that saw around $6 million in total taken from both projects combined. On May 19, the defi project Pancakebunny leveraged its Twitter account to announce the news.

“Attention Bunny Fam,” the account tweeted. “Our project has suffered a flash loan attack from an outside exploiter. We will be posting a post mortem, in-depth analysis, but for the time being, we would like to update the community as to how this happened,” the official Twitter account added.

In a play-by-play recap, Pancakebunny said the “hacker used Pancakeswap to borrow a huge amount of BNB… then went on to [manipulate] the price of USDT/BNB as well as BUNNY/BNB. The hacker ended up getting a huge amount of BUNNY through this flash loan… The hacker then dumped all the bunny in the market, causing the bunny price to plummet. The hacker paid back the BNB through Pancakeswap.”

Estimates show around $3 million in tokens were drained from the Pancakebunny flash loan attack. BUNNY token markets suffered considerably after the exploit was announced.

Bogged Finance Hacker Drains $3 Million of the Project’s $6 Million in Liquidity Using a ‘Complex Flash Loan Attack’

Then this weekend another Binance Smart Chain defi project called Bogged Finance took a flash loan beating for $3 million as well. The defi project Bogged Finance’s post mortem says: “BOG token was exploited by an unknown attacker who was able to drain $3m of the $6m liquidity using a complex Flash-Loan based attack. The attack was mitigated within 15 blocks of it starting to prevent a full drain of the liquidity pools.”

Bogged Finance said that it planned to force migrate the contract by using the same exploit the attacker used to remove “illegitimately obtained tokens.” The project’s team members added: “Everyone will receive their LP tokens and $BOG on a new contract over the coming hours.” An update on May 24, says that the project’s migration is taking longer than expected.

“The Bogged Finance Token Migration is taking longer than expected,” Bogged Finance explains. “The funds are being held securely in this wallet, until redeployment is complete. We are excited to launch the new version of the BOG Contract with over 7.5 million tokens burned. We will announce a countdown for the relaunch before launch.”

Both BUNNY and BOG markets suffered significantly after these flash loan attacks. BOG slipped from $1.80 per token to $0.0003 after the flash loan attack was revealed. BUNNY markets saw a loss of 95% after the flash loan attack took place on Wednesday.

What do you think about the two recent flash loan attacks that have exploited Binance Smart Chain defi projects? Let us know what you think about this subject in the comments section below.

Comments

Popular posts from this blog

Custodial Lightning Network Service Attack Discovered by LN ‘Newbie’ — Hacker Strikes 6 LN Custodians

On September 18, a Redditor posted to the r/bitcoin forum and explained how he discovered a way to “attack [the] lightning Network’s custodial services.” The Reddit account dubbed “Reckless Satoshi” wanted to figure out if a “discrepancy between real routing fees and service’s transaction fee can be exploited for a profit.” The researcher disclosed that he wanted to see how large the damage could be and said “it is bad.” 6 Lightning Network Custodial Services Attacked, Researcher Discloses Findings to Offenders Prior to Public Disclosure A Redditor called Reckless Satoshi published a disclosure post on r/bitcoin this past Saturday and disclosed how he had found a vulnerability with routing fees and some of the Lightning Network’s custodial services. The research attack was done in good faith and after it was complete he disclosed the bugs to the offending services before publishing his findings. Reckless Satoshi used the Lightning Network (LN) attack on six different services incl...

Axie Infinity Down 40% Since Last Week’s Price High, Protocol Revenue Outshines Competitors

Last week, the game token leveraged within the Axie Infinity gaming universe skyrocketed to all-time highs, while other crypto markets remained extremely lackluster. During the last seven days, Axie Infinity’s platform token has dropped significantly in value shedding more than 12%. Meanwhile, the game platform’s smooth love potion token has slid over 8% over the last 24 hours. Axie Infinity Down More Than 40% Since All-Time High Not too long ago, the axie infinity (AXS) token was a topical conversation because it reached an all-time high on July 15. At the time, AXS managed to capture $28.93 per unit and since then it has shed 12.8% during the last seven days. The axie infinity (AXS) token is used within the blockchain-based game that involves battles between token-based creatures called “Axies.” AXS is used for the game’s governance system as well as other actions within the game. At the time of writing axie infinity (AXS) is exchanging hands for $16.70 per coin. AXS/USD on Ju...

Play-to-Earn Game From Polker (PKR) Exchange Listing – Endorsed by Akon

The Play-to-Earn NFT based Polker.Game ‘s native token $PKR has been officially listed on the popular centralized exchange BitMart. Polker.game has been in the spotlight recently as Akon, the American R&B superstar and record producer gave his official endorsement of polker stating that the “game is revolutionary” and that Polker is “hands down.. the best play to earn, NFT game in the space.”. With the BitMart listing and celebrity endorsement from Akon, Polker is perfectly positioned to become a major player in the Play-to-Earn league. Watch Akon’s Video Here What is Play-to-Earn? Although not a new concept, play-to-earn has become a trending term due to the popularity of the NFT game AXIE infinity. In the past, previous play-to-earn games have also achieved success – however, thanks to the huge amount of development in the blockchain space in recent years the gaming experience is now massively improved. Play-to-Earn games are essentially free to play and open to anyone and...

China to Crack Down on Copyright Infringement Through NFTs

Authorities in China are going after creators of digital collectibles based on other people’s works of art, the use of which was not authorized. The government offensive is part of a campaign to combat online copyright infringement and piracy with the participation of several departments. Regulators in China Move to Strengthen Copyright Supervision of Online Platforms The National Copyright Administration of China (NCAC) has recently launched a campaign against copyright infringement and piracy on the internet, together with the Ministry of Industry and Information Technology, the Ministry of Public Security, and the State Internet Information Office of the People’s Republic. A major objective of the initiative is to improve copyright supervision of online businesses by investigating cases involving the sale and distribution of infringing products on short video, live broadcast and e-commerce platforms, and promptly dealing with infringing content, the agency announced in a press r...
Blogarama - Blog Directory