Binance Smart Chain’s PancakeHunny latest to suffer smart contract exploit
Binance Smart Chain has become a hotspot of sorts for attackers over the past month. In fact, many hackers have been exploiting DeFi protocols on BSC, with PancakeHunny being the latest to find itself the target. PancakeHunny, for its part, was quick to acknowledge the incident, however.
In fact, according to the preliminary report provided by the project,
“On 3rd June 2021, at 1:46 UTC. A smart contract was created to exploit the Hunny Minter Smart Contract. The Contract was subsequently executed 91 times.”
Curiously, while the Chinese reporter Colin Wu noted that at least 1.1 million had been locked up, the preliminary report noted that all “funds are SAFU.” The exploit, however, had affected the price of HUNNY/BNB.
The project went on to reassure the community that,
“We have identified the issue and our Devs are working on the FIX and a move forward plan. We will update shortly once we have the full plan.”
A similar attack had taken place nearly two weeks back against another Binance Smart Chain DeFi project – PancakeBunny. This was the biggest of attacks observed in the month of May, with the same resulting in the project shedding over 90% of its value.
At the time, the team had noted that it was a flash loan attack from an external actor who borrowed “a huge amount” of Binance Coin [BNB] before manipulating the price of BUNNY and then dumping BUNNY/BNB shortly after.
1⃣ The hacker used PancakeSwap to borrow a huge amount of BNB
2⃣ The hacker then went on to manipuate the price of USDT/BNB as well as BUNNY/BNB
3⃣ The hacker ended up getting a huge amount of BUNNY through this flash loan
— pancakebunny.finance (@PancakeBunnyFin) May 20, 2021
The price of BUNNY was pumped to $240 from $150, however, soon this value hit $0. Price manipulation is what happened in the HUNNY/BNB market too as it plummeted from $0.23 to $0.11.
As per data collated by Rekt, BSC DApps have so far lost $167 million in flash loan attacks and other exploits. The attack on PancakeBunny rendered a loss of $45 million to the project, while the second position was taken by the Spartan hack that accrued a loss of over $30.5 million.
While BSC did join hands with CipherTrace, a leading blockchain security and analysis firm shortly after the BurgerSwap attack, it would seem that security still remains a major concern for projects building on Binance Smart Chain.