BNB Chain's Record Flash Loan Profit

The BNB Chain witnessed a major flash loan exploit on October 11th, when an MEV bot raked in an astonishing $1.575 million through arbitrage gains.

This assault took place on the Pancakeswap DEX network, where the perpetrating bot incurred a meager fee of $4.16, leaving them with astronomical profits.

Massive Singular Flash Loan Breach on BNB Chain

As reported, the MEV Bot identified by address 0x216Ccf on the BNB Chain set a new record for the most substantial individual arbitrage profit in the chain's history.

EigenPhi, a prominent blockchain data analysis firm, brought forth these details, confirming that the colossal profit arose from a meticulously orchestrated price manipulation maneuver targeting the BH token.

In essence, the assailant exploited a system vulnerability to the tune of approximately $1.27 million, swiftly transferring the funds to the widely used Tornado Cash mixer.

This attacker borrowed a significant sum of USDT utilizing function ID 0x33688938 and infused USDT into the contract.

Typically, the liquidity ratios for the contract hover around 1 USDT to 100 BH. The attacker then manipulated the system by promptly exchanging USDT for BH via the pair and subsequently removed the liquidity via transaction ID 0x4e290832.

This swap drastically altered the liquidity removal ratio to roughly 1 USDT to 2 BH under these abnormal conditions, enabling further withdrawal of USDT.

Beosin, a reputable blockchain security company, later confirmed this string of transactions, underscoring their deliberate nature. The attacker profited a grand total of $1.575 million throughout the process.

$BH token on BNB Chain was exploited for ~$1.27M due to suspected price manipulation. The profits were sent into Tornado Cash.
Attacker: 0xFDbfcEEa1de360364084a6F37C9cdb7AaeA63464

The attacker flashloaned a large amount of $USDT, then called 0x33688938() to add $USDT to the… pic.twitter.com/POppQswi7u

— Beosin Alert (@BeosinAlert) October 11, 2023

The MEV Bot address 0x216Ccf was potentially generated on October 6th and has remained inactive up to the date of the flash loan attack. Conversely, the counter address, 0xFDbfcE, has been active and currently holds around 1,000 BNB tokens valued at $205.8K.

The Flash Loan Exploitation Enigma

Flash loan attackers primarily capitalize on the flash loan mechanism to pilfer users' assets, as evidenced in the BH token case. At its core, a flash loan is a system facilitating arbitrage trading and isn't inherently malicious.

In the 24 hours leading up to this report, EigenPhi's data indicates roughly 278 flash loans executed within the Ethereum network. Over the past 7 and 30 days, this number escalated to 2,435 and 9,721, respectively. A staggering transaction value exceeding $2.2 billion has been funneled through flash loans in the last 30 days, highlighting the widespread adoption of this mechanism.

Nonetheless, numerous malevolent actors have harnessed flash loans to destabilize crypto systems and defraud investors, mirroring the aforementioned case. In June of this year, a DeFi protocol named Sturdy Finance suffered losses of 442 ETH, equivalent to $800K, through various hacks, including a flash loan exploit.

Read more: Platypus Finance: Navigating DeFi Challenges