BurgerSwap hacked: $7.2M flash loan theft

BurgerSwap hacked: $7.2M flash loan theft

DeFi Ethereum News
May 28, 2021 by J.D. Smith
9
During the night, BurgerSwap was hacked: a $7.2 million flash loan (or instant loan) theft took place. Binance Smart Chain’s DeFi project, commented on it on its Twitter channel. BurgerSwap just experienced Flash Loan attack. We have suspended Swap and BURGER generation to avoid further loss. Our tech team is working on the issue and

During the night, BurgerSwap was hacked: a $7.2 million flash loan (or instant loan) theft took place. Binance Smart Chain’s DeFi project, commented on it on its Twitter channel.

“BurgerSwap just experienced Flash Loan attack. We have suspended Swap and BURGER generation to avoid further loss. Our tech team is working on the issue and will publish the solution later. More details will be published soon. Thanks for your patience”.

The first tweet concerns the announcement of the attack suffered and the warning to the community of the suspension of both the exchange and generation of the BurgerSwap (BURGER) token.

Then, in the early morning of today, the case was described with a series of tweets stating how the hacker acted to steal the $7.2 million in 14 transactions.

The amount stolen was in various tokens and crypto assets. Specifically, here are the amounts and the corresponding dollar values:

  • 4.4 thousand WBNB ($1.6 million),
  • 22 thousand BUSD ($22 thousand),
  • 2.5 ETH ($6.8 thousand),
  • 1.4 million USDT ($1.4 million),
  • 432 thousand BURGER ($3.2 million),
  • 142 thousand xBURGER ($1 million),
  • 95 thousand ROCKS.

In essence, the flash loan implemented by the hacker targeted BurgerSwap through a fake coin (created specifically for the attack) and manipulating the number of reserves0 and reserves1 in the pair contract, causing the price to change.

BurgerSwap joins the list of hacked DeFi projects

The current incident, it seems, is not the first case in Decentralized Finance or DeFi projects.

Similar to BurgerSwap, JulSwap (JULD) also seems to have suffered the same attack on the Binance Smart Chain. In fact, Tobias Graf, JulSwap’s CEO of JustLiquidity (JUL) had tweeted this last night:

“Hi Community, we investigated the dump tonight on Jul. it’s seems it was the same Situation as some other projects experienced in the last weeks due to an flash loan. There is NO hack or exploit!”

There are still no details from Graf, so it is unclear whether the 60% drop in JUL’s price over the past 24 hours is due to an attack.

Another project on the Binance Smart Chain (BSC) that has suffered an attack was Meerkat Finance, which last March saw $31 million stolen from its smart contract.