AIDC burn bug lets attacker drain 220.12 WBNB from PancakeSwap pair by abusing sync()


3 recorded changes
Want your article here?
Promote with Leviathan News

3 recorded changes
Want your article here?
Promote with Leviathan NewsSlowMist says AIDC on BSC was exploited for 220.12 WBNB, about $120,929, after `_sellTransfer()` accrued a 30% burn amount without deducting it from the seller. Subsequent non-pair transfers called `_executeAccumulatedBurn()`, burning tokens from the PancakeSwap AIDC/WBNB pair instead of the user, then `sync()` made the manipulated reserves official. The attacker repeatedly deflated the pool’s AIDC reserve before a final swap drained nearly all WBNB from the pair.
TLDR by @Benthic

𝕏/@Aster_DEX ·

syscoin.org ·

Github ·

decrypt.co ·

𝕏/@SolvProtocol ·

𝕏/@circle ·

𝕏/@Aster_DEX ·

syscoin.org ·

Github ·

decrypt.co ·

𝕏/@SolvProtocol ·

𝕏/@circle ·
🚀 Love DeFi? Ready to dive in and start earning $SQUID while making an impact?