BNB worth $226K lost! How BFB token’s safety protocol became its own worst enemy
The post BNB worth $226K lost! How BFB token’s safety protocol became its own worst enemy appeared on BitcoinEthereumNews.com. An exploit targeted the BFB token’s faulty price-defense mechanism rather than the PancakeSwap liquidity pool itself. Investigators traced the attack to a logical flaw in BFB’s price-defense mechanism on BNB Chain. The attacker first funded gas fees with assets routed through Railgun, a privacy protocol that obscures transaction origins. Source: BscScan Then, by repeatedly using zero-value transferFrom() calls to trigger the _priceDeflPool() function with a flash loan, the attacker burned 5% of the BFB tokens in the liquidity pool. This was done approximately 151 times. In each iteration, a zero-value transferFrom() call between externally owned accounts (EOAs) triggered the _priceDeflPool() function. This caused the contract to burn 5% of the BFB tokens stored in the PancakeSwap liquidity pool and immediately call sync() to update the pool’s reserves. How did