On October 20, the PancakeHunny decentralized protocol was attacked with instant credit and lost 388 BNB and 1.7 million TUSD (approximately $ 1.9 million). PeckShield Inc., a blockchain security company, was the first to notice the attack.
1/4 @PancakeHunny was exploited in a flurry of 32 txs (one hack tx: https://t.co/vsTgfV3UO9) to mint huge amount of $HUNNY, leading to the gain of 388 BNB and 1.7M TUSD (with roughly $1.9M) for the hacker. pic.twitter.com/QgeOtekGEI
— PeckShield Inc. (@peckshield) October 20, 2021
According to them, the hacker carried out 32 transactions to create a huge amount of HUNNY coins.
“The hack was made possible by a profit inflation error that converts a relatively small amount farmed by ALPACA into a large number of TUSDs for staking. These converted TUSDs are then counted as profit and used to create a huge amount of HUNNY coins, ”explained the experts.
Subsequently, the hacker passed funds through the Typhoon Network and Tornado Cash mixers, as well as the Anyswap, Celer Network and Synapse Protocol protocols. In the final, they were exchanged for Ethereum.
Data: PeckShield Inc.
As a result of the attack, the price of the HUNNY token collapsed by more than 60% and at the time of writing is $ 0.1179.
Later, the developers of PancakeHunny confirmed the attack. They assured that all user funds are safe, and the exploit only affected the price of HUNNY.
We have taken immediate action to protect our users from any further potential issues that could arise.
The exploit only affects the price of $Hunny. All Hives are unaffected. Funds are SAFU.
Preliminary report:https://t.co/Jqa3lTNqco pic.twitter.com/kpGdxFEEzA
— PancakeHunny 🍯 (@PancakeHunny) October 20, 2021
In late August, the Cream Finance DeFi protocol was attacked with instant credit. The damage amounted to 462,079,976 AMP and 2804 ETH (more than $ 18 million).
A few weeks later, the project managed to recover 5,152.6 ETH (approximately $ 16.7 million at the time) by identifying the hacker with the help of the community. At the same time, the attacker received 10% of the amount as a reward for the detected error.
Stay in touch! Subscribe to World Stock Market in Telegram.