BurgerSwap Flash Loan Attack on Binance Smart Chain (BSC) Sweeps $7 Million In Losses

Published May 28, 2021 | Updated May 28, 2021

In Brief
  • The attacker created a Fake Coin with new trading pair with $BURGER to exploit the platform.
  • The BSC has faced the fourth such flash loan attack in less than a month.

BurgerSwap Flash Loan Attack on Binance Smart Chain (BSC) Sweeps $7 Million In Losses

  • The attacker created a Fake Coin with new trading pair with $BURGER to exploit the platform.
  • The BSC has faced the fourth such flash loan attack in less than a month.

Binance Smart Chain (BSC), the Ethereum-competitor for DeFi protocols, is facing severe flash loan attacks since the beginning of May 2021. The latest victim has been DeFi protocol BurgerSwap. The platform recently updated that at around 3 AM on Friday, May 28, BurgerSwap faced a flash loan attack on BSC wherein the attackers swept $7.2 million in losses in just 14 transactions.

To exploit the platform, the attackers created their own fake BEP-20 token while forming a new trading pair with $BURGER. Through some routing adjustments, the “attacker created $BURGER -> Fake Coin -> $WBNB routing; through $BURGER -> Fake Coin trading pair”. 

Later, using the fake coin and manipulated reserves in the pair’s contract, the attacker re-entered BurgerSwap while changing the price of $BURGER. The attacker then re-entered the transaction to trade back the $WBNB and thus obtain the extra amount of WBNB inputted. In this thread, BurgerSwap explains step-wise how the attacker managed to rout $7.2 million. Below is the complete list of what exactly has been stolen.

The price of the $BURGER token is down by more than 20% and is currently trading at $6.65 with a market cap of $80.3 million.

Binance Smart Chain (BSC) and Flash Loan Attacks

This is the fourth flash loan attack taking place on Binance Smart Chain (BSC) within a month’s time. Over the last two weeks, we have reported attacks on DeFi protocols Pancake Bunny, Bogged Finance, and AutoShark Finance.

The price of their respective DeFi tokens has crashed over 90% thereby eroding a large amount of investors’ money. This vulnerability of attackers frequently exploiting the Binance Smart Chain (BSC) has got investors to question the security of the platform.

Since the beginning of May, the total losses on BSC due to multiple flash loan attacks have exceeded over 150 million U.S. Dollars. Another DeFi project JustLiquidity Swap aka JulSwap has been facing a similar situation. However, its founder has confirmed that there has been no exploit or hack at the protocol level.

Disclaimer
The presented content may include the personal opinion of the author and is subject to market condition. Do your market research before investing in cryptocurrencies. The author or the publication does not hold any responsibility for your personal financial loss.
About Author
Bhushan is a FinTech enthusiast and holds a good flair in understanding financial markets. His interest in economics and finance draw his attention towards the new emerging Blockchain Technology and Cryptocurrency markets. He is continuously in a learning process and keeps himself motivated by sharing his acquired knowledge. In free time he reads thriller fictions novels and sometimes explore his culinary skills.

Subscribe to our newsletter for free

Bhushan Akolkar 544 Articles
Bhushan is a FinTech enthusiast and holds a good flair in understanding financial markets. His interest in economics and finance draw his attention towards the new emerging Blockchain Technology and Cryptocurrency markets. He is continuously in a learning process and keeps himself motivated by sharing his acquired knowledge. In free time he reads thriller fictions novels and sometimes explore his culinary skills.
Follow Bhushan @