PancakeSwap BCE-USDT Pool on BNB Smart Chain Exploited for About $679,000

According to BlockSec, a flaw in the BCE token burn mechanism enabled an attacker to use two malicious contracts to bypass trading limits and distort reserves in the PancakeSwap BCE-USDT pool on March 23.

USDT

BNB

CAKE

9d ago

Summary

BlockSec reported that about $679,000 was drained from the PancakeSwap BCE-USDT liquidity pool on BNB Smart Chain on March 23. Preliminary analysis said the exploit was linked to a flaw in BCE’s burn mechanism, which allowed an attacker to deploy two malicious contracts, bypass trading limits, and distort the pool’s reserves.

Terms & Concepts

Token burn mechanism: A feature that permanently removes tokens from circulation, typically to reduce supply or support tokenomics.
Liquidity pool: A smart contract-based reserve of two assets used to facilitate trading on decentralized exchanges.
BNB Smart Chain: A blockchain network designed for smart contracts and decentralized applications, commonly used for lower-cost crypto trading.