Unknown attackers stole $200 million in cryptocurrencies from the PancakeBunny smart contract with a flash loan
Attackers stole about $200 million in cryptocurrencies from the PancakeBunny protocol. This was reported by the development team on their official Twitter page. The developers assure that the smart contract was not hacked, and the reason for the theft of cryptocurrencies was an “economic exploit.”
“We would like to remind the community that no vault was hacked. The exploit was an economic catch that attacked the BUNNY price using flash credit. We repeat, no vault was hacked,” the developers claim.
Attackers reportedly stole about 700,000 BUNNY tokens and 114,000 BNB. The total theft amounted to $200 million at the exchange rate at the time of the theft.
According to the developers of the Decentralized Finance Protocol (DeFi), the attackers took out a “large” flash loan on PancakeSwap in binance coin (BNB) tokens. With the loan, unknown persons manipulated USDT/BNB as well as BUNNY/BNB trading pairs.
However, the developers did not specify how exactly the manipulation of trading pairs took place. By inflating the price of BUNNY, the attackers dumped the accumulated tokens, collapsing the token exchange rate before repaying the BNB flash credit.
Pump & dump.
After the price of BUNNY was pumped up, the attacker dumped all of his accumulated tokens back into the market before repaying the BNB flash loan, causing the PancakeBunny native token to crash. The developers added that deposits and withdrawals of tokens from the protocol will be frozen until the team “improves the security” of the protocol.
Meanwhile, the price of BUNNY collapsed 80% to $30. Before the hack, the native DeFi-protocol token was worth ~$150.
The ecosystem’s capitalization dropped to $32.3 million. The attack against PancakeBunny also affected the price of BNB. At the time of writing, the token is trading down 15% at $360. It should be noted that this is not the first time that the DeFi protocol based on the Binance Smart Chain blockchain has been targeted by attackers.
BeInCrypto’s editorial team reported that the bEarn Fi cross-chain protocol also lost $11 million in BUSD stablcoin to a flash credit attack.