PANews reported on September 17th that BlockSec Phalcon alerted its system to detect a series of suspicious transactions targeting an unverified contract (0x93fD192e1CD288F1f5eE0A019429B015016061F9) on Bitcoin Cash (BSC) a few hours ago, resulting in a loss of approximately $150,000. The issue stemmed from the contract's referral reward design: the reward calculation relied on the manipulable spot price of the BURN/BUSD trading pair. Attack details: When a user stakes or locks BURN tokens through a referral, the contract issues referral rewards in the form of BUSD to the user. These rewards are calculated based on the amount of BURN staked/locked and the real-time spot price of BURN/BUSD. The attacker exploited this vulnerability to manipulate the price of BURN through flash loans. They then repeatedly created new contracts to bypass two key restrictions: the "one referral per address" rule and the maximum investment limit, allowing them to accumulate artificially inflated BUSD rewards. The attacker then sold the remaining borrowed BURN tokens and repurchased BUSD, causing the price of BURN to drop. Finally, they used their previously accumulated BUSD to purchase BURN at this low price, intending to profit from the transaction.PANews reported on September 17th that BlockSec Phalcon alerted its system to detect a series of suspicious transactions targeting an unverified contract (0x93fD192e1CD288F1f5eE0A019429B015016061F9) on Bitcoin Cash (BSC) a few hours ago, resulting in a loss of approximately $150,000. The issue stemmed from the contract's referral reward design: the reward calculation relied on the manipulable spot price of the BURN/BUSD trading pair. Attack details: When a user stakes or locks BURN tokens through a referral, the contract issues referral rewards in the form of BUSD to the user. These rewards are calculated based on the amount of BURN staked/locked and the real-time spot price of BURN/BUSD. The attacker exploited this vulnerability to manipulate the price of BURN through flash loans. They then repeatedly created new contracts to bypass two key restrictions: the "one referral per address" rule and the maximum investment limit, allowing them to accumulate artificially inflated BUSD rewards. The attacker then sold the remaining borrowed BURN tokens and repurchased BUSD, causing the price of BURN to drop. Finally, they used their previously accumulated BUSD to purchase BURN at this low price, intending to profit from the transaction.
Security company: Suspicious transactions were discovered on BSC for an uncontracted entity, resulting in a loss of approximately $150,000
이 콘텐츠에 대한 의견이나 우려 사항이 있으시면 crypto.news@mexc.com으로 연락주시기 바랍니다
PANews reported on September 17th that BlockSec Phalcon alerted its system to detect a series of suspicious transactions targeting an unverified contract (0x93fD192e1CD288F1f5eE0A019429B015016061F9) on Bitcoin Cash (BSC) a few hours ago, resulting in a loss of approximately $150,000. The issue stemmed from the contract's referral reward design: the reward calculation relied on the manipulable spot price of the BURN/BUSD trading pair.
Attack details:
- When a user stakes or locks BURN tokens through a referral, the contract issues referral rewards in the form of BUSD to the user. These rewards are calculated based on the amount of BURN staked/locked and the real-time spot price of BURN/BUSD.
- The attacker exploited this vulnerability to manipulate the price of BURN through flash loans. They then repeatedly created new contracts to bypass two key restrictions: the "one referral per address" rule and the maximum investment limit, allowing them to accumulate artificially inflated BUSD rewards.
- The attacker then sold the remaining borrowed BURN tokens and repurchased BUSD, causing the price of BURN to drop. Finally, they used their previously accumulated BUSD to purchase BURN at this low price, intending to profit from the transaction.
시장 기회
RealLink 가격(REAL)
$0.06512
$0.06512$0.06512
USD
RealLink (REAL) 실시간 가격 차트
면책 조항: 본 사이트에 재게시된 글들은 공개 플랫폼에서 가져온 것으로 정보 제공 목적으로만 제공됩니다. 이는 반드시 MEXC의 견해를 반영하는 것은 아닙니다. 모든 권리는 원저자에게 있습니다. 제3자의 권리를 침해하는 콘텐츠가 있다고 판단될 경우, crypto.news@mexc.com으로 연락하여 삭제 요청을 해주시기 바랍니다. MEXC는 콘텐츠의 정확성, 완전성 또는 시의적절성에 대해 어떠한 보증도 하지 않으며, 제공된 정보에 기반하여 취해진 어떠한 조치에 대해서도 책임을 지지 않습니다. 본 콘텐츠는 금융, 법률 또는 기타 전문적인 조언을 구성하지 않으며, MEXC의 추천이나 보증으로 간주되어서는 안 됩니다.
추천 콘텐츠
What To Look For When Evaluating Nonprofit Budgeting Software for Finance Teams: A Platform Comparison
An objective analysis of tools including Budgyt and Martus Solutions alongside other nonprofit budgeting platforms for multi-department financial planning. Budgyt
공유하기
Globalfintechseries2026/04/13 18:40
The PewBeam effect: like Nigeria’s fintech gold rush, a worship AI boom is coming
In the sprawling auditoriums across Nigeria, where Pentecostal megachurches routinely pack 10,000+ worshippers and clergymen number in the… The post The PewBeam
공유하기
Technext2026/04/03 17:24
Trump Talks Up Palantir (PLTR) Stock and Cathie Wood’s ARK Invest Buys the Dip
TLDR Palantir stock rose 2.3% pre-market to $131.05 on Monday, April 13. President Trump praised the company on Truth Social, calling it a proven “war fighting”
공유하기
Coincentral2026/04/13 19:17
