Security company: Suspicious transactions were discovered on BSC for an uncontracted entity, resulting in a loss of approximately $150,000
2025/09/17 13:52
PANews reported on September 17th that BlockSec Phalcon alerted its system to detect a series of suspicious transactions targeting an unverified contract (0x93fD192e1CD288F1f5eE0A019429B015016061F9) on Bitcoin Cash (BSC) a few hours ago, resulting in a loss of approximately $150,000. The issue stemmed from the contract's referral reward design: the reward calculation relied on the manipulable spot price of the BURN/BUSD trading pair.
Attack details:
- When a user stakes or locks BURN tokens through a referral, the contract issues referral rewards in the form of BUSD to the user. These rewards are calculated based on the amount of BURN staked/locked and the real-time spot price of BURN/BUSD.
- The attacker exploited this vulnerability to manipulate the price of BURN through flash loans. They then repeatedly created new contracts to bypass two key restrictions: the "one referral per address" rule and the maximum investment limit, allowing them to accumulate artificially inflated BUSD rewards.
- The attacker then sold the remaining borrowed BURN tokens and repurchased BUSD, causing the price of BURN to drop. Finally, they used their previously accumulated BUSD to purchase BURN at this low price, intending to profit from the transaction.
Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
Share Insights
You May Also Like
New Fire Technology and Boyaa Interactive have reached a strategic cooperation to expand the Web3 ecosystem. Boyaa Interactive held approximately 3,670 BTC as of late August.
PANews reported on September 17th that Newfire Technology Holdings Limited (1611.HK), Hong Kong's first publicly listed digital asset management platform, and Boyaa Interactive International Limited (0434.HK) announced a strategic partnership to jointly explore opportunities in the Web3 ecosystem. Newfire Technology will provide Boyaa Interactive with a digital asset compliance management program to support the development of its Web3 gaming ecosystem. It is reported that Boyaa Interactive has been deploying its Web3 strategy since 2023, and as of late August 2025, it has held approximately 3,670 bitcoins. Earlier news reported that Boyaa Interactive spent approximately HK$219 million this week to purchase a total of approximately 245 bitcoins .
Share
PANews2025/09/17 15:31
Share
China is testing its first locally made chipmaking machine
SMIC begins trials of China’s first advanced lithography tools.
Share
Cryptopolitan2025/09/17 14:30
Share
Fiserv to launch digital asset platform and stablecoin FIUSD by year end
PANews reported on June 23 that according to Business Wire, financial technology giant Fiserv announced that it will launch a digital asset platform and stablecoin FIUSD by the end of
Share
PANews2025/06/23 20:29
Share