PANews reported on September 17th that BlockSec Phalcon alerted its system to detect a series of suspicious transactions targeting an unverified contract (0x93fD192e1CD288F1f5eE0A019429B015016061F9) on Bitcoin Cash (BSC) a few hours ago, resulting in a loss of approximately $150,000. The issue stemmed from the contract's referral reward design: the reward calculation relied on the manipulable spot price of the BURN/BUSD trading pair. Attack details: When a user stakes or locks BURN tokens through a referral, the contract issues referral rewards in the form of BUSD to the user. These rewards are calculated based on the amount of BURN staked/locked and the real-time spot price of BURN/BUSD. The attacker exploited this vulnerability to manipulate the price of BURN through flash loans. They then repeatedly created new contracts to bypass two key restrictions: the "one referral per address" rule and the maximum investment limit, allowing them to accumulate artificially inflated BUSD rewards. The attacker then sold the remaining borrowed BURN tokens and repurchased BUSD, causing the price of BURN to drop. Finally, they used their previously accumulated BUSD to purchase BURN at this low price, intending to profit from the transaction.PANews reported on September 17th that BlockSec Phalcon alerted its system to detect a series of suspicious transactions targeting an unverified contract (0x93fD192e1CD288F1f5eE0A019429B015016061F9) on Bitcoin Cash (BSC) a few hours ago, resulting in a loss of approximately $150,000. The issue stemmed from the contract's referral reward design: the reward calculation relied on the manipulable spot price of the BURN/BUSD trading pair. Attack details: When a user stakes or locks BURN tokens through a referral, the contract issues referral rewards in the form of BUSD to the user. These rewards are calculated based on the amount of BURN staked/locked and the real-time spot price of BURN/BUSD. The attacker exploited this vulnerability to manipulate the price of BURN through flash loans. They then repeatedly created new contracts to bypass two key restrictions: the "one referral per address" rule and the maximum investment limit, allowing them to accumulate artificially inflated BUSD rewards. The attacker then sold the remaining borrowed BURN tokens and repurchased BUSD, causing the price of BURN to drop. Finally, they used their previously accumulated BUSD to purchase BURN at this low price, intending to profit from the transaction.
Security company: Suspicious transactions were discovered on BSC for an uncontracted entity, resulting in a loss of approximately $150,000
PANews reported on September 17th that BlockSec Phalcon alerted its system to detect a series of suspicious transactions targeting an unverified contract (0x93fD192e1CD288F1f5eE0A019429B015016061F9) on Bitcoin Cash (BSC) a few hours ago, resulting in a loss of approximately $150,000. The issue stemmed from the contract's referral reward design: the reward calculation relied on the manipulable spot price of the BURN/BUSD trading pair.
Attack details:
- When a user stakes or locks BURN tokens through a referral, the contract issues referral rewards in the form of BUSD to the user. These rewards are calculated based on the amount of BURN staked/locked and the real-time spot price of BURN/BUSD.
- The attacker exploited this vulnerability to manipulate the price of BURN through flash loans. They then repeatedly created new contracts to bypass two key restrictions: the "one referral per address" rule and the maximum investment limit, allowing them to accumulate artificially inflated BUSD rewards.
- The attacker then sold the remaining borrowed BURN tokens and repurchased BUSD, causing the price of BURN to drop. Finally, they used their previously accumulated BUSD to purchase BURN at this low price, intending to profit from the transaction.
Market Opportunity
RealLink Price(REAL)
$0.07647
$0.07647$0.07647
USD
RealLink (REAL) Live Price Chart
Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
You May Also Like
Ethereum unveils roadmap focusing on scaling, interoperability, and security at Japan Dev Conference
The post Ethereum unveils roadmap focusing on scaling, interoperability, and security at Japan Dev Conference appeared on BitcoinEthereumNews.com. Key Takeaways Ethereum’s new roadmap was presented by Vitalik Buterin at the Japan Dev Conference. Short-term priorities include Layer 1 scaling and raising gas limits to enhance transaction throughput. Vitalik Buterin presented Ethereum’s development roadmap at the Japan Dev Conference today, outlining the blockchain platform’s priorities across multiple timeframes. The short-term goals focus on scaling solutions and increasing Layer 1 gas limits to improve transaction capacity. Mid-term objectives target enhanced cross-Layer 2 interoperability and faster network responsiveness to create a more seamless user experience across different scaling solutions. The long-term vision emphasizes building a secure, simple, quantum-resistant, and formally verified minimalist Ethereum network. This approach aims to future-proof the platform against emerging technological threats while maintaining its core functionality. The roadmap presentation comes as Ethereum continues to compete with other blockchain platforms for market share in the smart contract and decentralized application space. Source: https://cryptobriefing.com/ethereum-roadmap-scaling-interoperability-security-japan/
Share
BitcoinEthereumNews2025/09/18 00:25
New Gold Protocol's NGP token was exploited and attacked, resulting in a loss of approximately $2 million.
PANews reported on September 18th that according to Paidun monitoring, New Gold Protocol's NGP token was exploited in an attack, resulting in a loss of approximately $2 million. The NGP token plummeted 88% in an hour, and the attacker deposited the stolen funds (443.8 ETH) into TornadoCash.
Share
PANews2025/09/18 11:10
The Real Cost of AI? Beyond Originality, It’s Human Identity
How global thought leader Dr. Tae Yun Kim is redefining human agency, expertise, & purpose in the AI era MEDFORD, Ore., Dec. 22, 2025 /PRNewswire/ — Artificial
Share
AI Journal2025/12/22 19:30