BNB Chain's Record Flash Loan Profit

Martin Walker
Oct 13, 2023 at 08:59 am

The BNB Chain witnessed a major flash loan exploit on October 11th, when an MEV bot raked in an astonishing $1.575 million through arbitrage gains.

This assault took place on the Pancakeswap DEX network, where the perpetrating bot incurred a meager fee of $4.16, leaving them with astronomical profits.

Massive Singular Flash Loan Breach on BNB Chain

As reported, the MEV Bot identified by address 0x216Ccf on the BNB Chain set a new record for the most substantial individual arbitrage profit in the chain's history.

EigenPhi, a prominent blockchain data analysis firm, brought forth these details, confirming that the colossal profit arose from a meticulously orchestrated price manipulation maneuver targeting the BH token.

In essence, the assailant exploited a system vulnerability to the tune of approximately $1.27 million, swiftly transferring the funds to the widely used Tornado Cash mixer.

This attacker borrowed a significant sum of USDT utilizing function ID 0x33688938 and infused USDT into the contract.

Typically, the liquidity ratios for the contract hover around 1 USDT to 100 BH. The attacker then manipulated the system by promptly exchanging USDT for BH via the pair and subsequently removed the liquidity via transaction ID 0x4e290832.

This swap drastically altered the liquidity removal ratio to roughly 1 USDT to 2 BH under these abnormal conditions, enabling further withdrawal of USDT.

Beosin, a reputable blockchain security company, later confirmed this string of transactions, underscoring their deliberate nature. The attacker profited a grand total of $1.575 million throughout the process.

The MEV Bot address 0x216Ccf was potentially generated on October 6th and has remained inactive up to the date of the flash loan attack. Conversely, the counter address, 0xFDbfcE, has been active and currently holds around 1,000 BNB tokens valued at $205.8K.

The Flash Loan Exploitation Enigma

Flash loan attackers primarily capitalize on the flash loan mechanism to pilfer users' assets, as evidenced in the BH token case. At its core, a flash loan is a system facilitating arbitrage trading and isn't inherently malicious.

In the 24 hours leading up to this report, EigenPhi's data indicates roughly 278 flash loans executed within the Ethereum network. Over the past 7 and 30 days, this number escalated to 2,435 and 9,721, respectively. A staggering transaction value exceeding $2.2 billion has been funneled through flash loans in the last 30 days, highlighting the widespread adoption of this mechanism.

Nonetheless, numerous malevolent actors have harnessed flash loans to destabilize crypto systems and defraud investors, mirroring the aforementioned case. In June of this year, a DeFi protocol named Sturdy Finance suffered losses of 442 ETH, equivalent to $800K, through various hacks, including a flash loan exploit.

Read more: Platypus Finance: Navigating DeFi Challenges

Related News

Sign up for daily crypto news in your inbox

Get crypto analysis, news and updates right to your inbox! Sign up here so you don't miss a single newsletter.