bsc - Adrian Hetman

Adrian Hetman

Subscribe

bsc

A collection of 12 posts

How many times you need to re-check your code?

How many times you need to re-check your code?

ApeRocket was hacked on BSC and on Polygon today. Hacker stole in total ~$1.3M (883 BNB + 521 ETH). What was the reason for the hack? Both were flash-loan enabled attacks, and both had flawed vault minting reward logic. I won't go into the details of both hacks, WatchPug covered

What happened to Merlin Lab?

What happened to Merlin Lab?

Today (29th of June), Merlin Lab was hacked, and $330k was stolen from the protocol. It is a third hack in the last month that has happened to Merlin. How the hack happened? From the Merlin Telegram Channel, we can read the following: > "The Merlin Dev team had deployed the

How Eleven.Finance got hacked?

How Eleven.Finance got hacked?

Eleven.finance, a yield aggregator on BSC and Polygon, was exploited for a total of $4.5M. Binance Smart Chain protocols don’t have an easy year will all of the recent hacks in last months happened on that chain. I won’t rant about BSC. I did that already

What are the developer's responsibilities due to the hack? Case study based on Impossible Finance hack.

What are the developer's responsibilities due to the hack? Case study based on Impossible Finance hack.

On Jun-21-2021 04:39:07 AM +UTC, Impossible Finance got hacked for $500k using the same exploit as the one used on the BurgerSwap [https://twitter.com/mudit__gupta/status/1398156036574306304?s=21]. The issue was with the swap function supposed to verify if x*y>k, basically the requirement

PancakeHunny Hacked

PancakeHunny Hacked

Ehh…Same exploit used for the 4th time. Devs do not learn, do they?Exploit is very similar to the one found on PancakeBunny [https://www.adrianhetman.com/pancakebunny-exploit-used-for-the-3rd-time/]. 40 ETH was sent through Torando Cash on Ethereum. Below analysis is taken from WatchPugs. [https://watchpug.medium.com/pancakehunny-performance-fee-minting-attack-analysis-e347d12bfdde] https:

Monthly DeFi Blood Bath report

Monthly DeFi Blood Bath report

May had a staggering amount of hacks for DeFi protocols on Binance Smart Chain. I decided to summarize who was hacked, when and for how much. Let’s start as it’s a long list. Spartan Protocol When? May 1st How much? $30M Where? Binance Why? The incident was due

PancakeBunny exploit used for the 3rd time

PancakeBunny exploit used for the 3rd time

When I wrote about PancakeBunny exploit, [https://www.adrianhetman.com/pancakebunny-hacked-for-40m/] I didn’t think I would be reporting the same hack for the 3rd time. But that’s our reality when projects fork another project’s code without changing much. Without even trying to stop the protocol and fix

AutoShark hacked for ~$745k

AutoShark hacked for ~$745k

Bunnies are reproducing quite fast, and as it turns out, not only in nature but also in the blockchain. Autoshark was nearly 1:1 fork of PancakeBunny, and apart from copying all the logic, they also copied the flawed logic responsible for the PancakeBunny hack. A hacker used 100K BNB

Bogged Finance Hacked for $3.5M

Bogged Finance Hacked for $3.5M

May-22-2021 02:47:06 PM +UTC, BoggedFinance was hacked for ~$3.5M. This was due to the bug in the deflationary logic of the token. Bog Token is designed to be deflationary. 5% is charged with each transaction, 1% burned, and 4% going to the staking profit. Issues were in

PancakeBunny hacked for $40M+

PancakeBunny hacked for $40M+

It’s a nice feeling to finally go to sleep after a hard day and wake up to $40M+ gone from another Binance Smart Chain DeFi protocol…BSC DeFi doesn’t have an easy time right now. This hack’s a “nice” addition to the growing amount of already stolen

$232M lost due to hacks in DeFi alone

$232M lost due to hacks in DeFi alone

I didn’t want to write another post like this, but at 10:36:20 AM +UTC, May 16, 2021, Bearn.fi was exploited, and $11M of funds was stolen from the pool. As Peckshield reports: > The incident was due to a bug in its internal withdraw logic in inconsistently

Four Hacks, one week

ethereum Featured

Four Hacks, one week

This was an interesting week. We saw four hacks; first, two happened to one company in few days, and the third hack fuelled a cross-chain attack that happened to my knowledge. Total value lost from Value DeFi and Rari Capital this week is around $36M, whereas $25M belongs to hacks