Another BSC Project, BurgerSwap Lost $7.2 million in a Flash Loan Attack

Another protocol based on the Binance Smart Chain (BSC) has suffered an attack. This time it is BurgerSwap, a decentralized exchange. The perpetrators stole $7 million in a flash loan attack.

$7.2 million was withdrawn from BurgerSwap

BurgerSwap, which was launched earlier this year, is a DeFi project that allows users to exchange tokens issued by BSC and receive rewards for providing liquidity. The DeFi protocol announced on Twitter today the security breaches it has experienced.

The attackers opted for one rather infamous general way of exploiting the protocol, through a flash loan attack on May 28th. Through 14 transactions they were able to consume $7.2 million from BurgerSwap.

They created their own fake currency and formed a new trading pair with BURGER (BurgerSwap’s native crypto token). Later the perpetrator set the route too -BURGER-> Fake-> Wrapped BNB.

They used the trading pair BURGER / Fake Coin to re-enter BurgerSwap via Fake Coin and manipulated the number of Reserve0 and Reserve1 in the contract, which led to a significant change in price.

In the end, they stole 4,400 WBNB ($1.6M), 22,000 BUSD, 2.5 ETH ($6.8K), 432,000 BURGER ($3.2M), 142,000 xBURGER ($1M) and 95,000 ROCKS.

8/9

What was stolen:
– 4.4k WBNB ($1.6M)
– 22k BUSD ($22k)
– 2.5 ETH ($6.8k)
– 1.4M USDT ($1.4M)
– 432k BURGER ($3.2M)
-142k xBURGER ($1M)
– 95k ROCKS
— BurgerCities (@burger_cities) May 28, 2021

The DeFi project has ceased all services so far and “will definitely work hard to make up for the loss of users”.

Previous Attack on BSC

Since its inception, BSC’s rapid growth has drawn the attention of bad actors, and the number of compromised protocols using the network has grown exponentially in recent months.

Fxcryptonews reported on a few examples, including the bEarn Fi attack. The attack occurred in early May and caused a loss of more than $11 million.

Next was Bogged Finance’s turn. The DeFi protocol that is based on the BSC lost about $3 million from its network.

AutoShark Finance has similar concerns after losing $2 million from its network in May this year.

By re-entering the transaction and acting again on WBNB, the hacker managed to get the additional WBNB amount entered. So they quickly swapped 6,000 WBNB ($ 2 million) from PancakeSwap and then swapped almost all of the WBNB for 92,000 BURGER on BurgerSwap.

Disclaimer: The information in this article should not be considered financial advice, and FXCryptoNews articles are intended only to provide educational and general information. Please consult with a financial advisor before making any investment decisions.