Feb 2025 - BankX XSD BurnPoolXSD Re-Entry Vulnerability Exploited 2 - $43k (Global)
BankX is a financial platform centered around a stablecoin called XSD, designed to offer individuals greater financial freedom. The platform allows users to mint XSD stablecoins, offering them an opportunity to earn rewards. One key feature of BankX is its focus on providing a deflationary token, known as the BankX Token, which aims to increase in value over time. BankX also offers various services, including the ability to buy NFTs, participate in a leaderboard for competitive rewards, and engage in a referral program to earn additional incentives.
The platform operates with a minting interest rate of 5.28%, ensuring that users who mint XSD can benefit from passive earnings. BankX is built on a decentralized system, allowing for financial independence without relying on traditional banking structures. It provides a comprehensive set of resources, including documentation and terms of use, to help users understand the platform. Whether you are looking to mint XSD, purchase NFTs, or participate in its rewards program, BankX offers a unique solution for individuals seeking to manage their finances in the crypto space.
BankX introduces XSD, a stablecoin pegged to the price of 1 gram of silver, providing a unique way to store value and earn interest. Unlike traditional stablecoins, XSD is crypto-backed and designed to eliminate the risk of liquidation. This ensures that users can mint and hold XSD without worrying about the typical volatility seen in many digital assets. The platform allows users to track XSD's value against silver, providing a more stable alternative for crypto investors.
BankX offers a variety of purposes and ways for users to profit, catering to different levels of expertise in the crypto space.
For beginners, BankX allows users to create the XSD stablecoin and earn interest. Additionally, users can lock up BankX tokens in Token Lockup Rewards, which generates interest in the form of more BankX tokens. This is a simple way for beginners to start earning and participating in the ecosystem.
For intermediate users, BankX introduces the concept of "looping," where users can use the stablecoin they minted to buy more collateral, mint more XSD, and earn even more interest. This process can be repeated multiple times to maximize returns.
For advanced users, BankX provides opportunities to engage with liquidity pools and the Integrated Protocol Owned Liquidity (IPOL) system. Users can earn rewards by providing liquidity or adding collateral when the stablecoin is in a deficit. Additionally, BankX supports arbitrage opportunities where users can profit by maintaining the peg of XSD. By burning BankX tokens or XSD at the right times, users can buy tokens at a discount, mint more stablecoin, or lock up tokens for additional rewards.
"In times of collateral deficit (which is usually caused by a drop in the price of the collateral used to mint XSD), the system gives incentives in the form of bonus BankX tokens and the XSD stablecoin for you to add collateral to the stablecoin. Instead of liquidation, we offer incentives to add collateral instead."
The BankX smart contract contains a re-entrancy vulnerability which allows "an attacker to manipulate the pool’s price by burning XSD tokens in a way that distorts the price".
"Both are caused by a re-entry issue and then triggered burnpoolXSD(), which also changes the swap K number."
57.308121814394883829 BNB
There does not appear to be any reaction to the exploit. The BankX development team has not mentioned the exploit on their Twitter, and continued to hold meeting feeds as though nothing has happened.
The pricing of XSD currently varies across different blockchains, with discounts on the current price of 1 gram of silver depending on the network. For example, XSD on Ethereum is priced at $0.23 (a 78.53% discount), while on Arbitrum, it’s only $0.03 (a 97.03% discount). Other networks like BNB, Polygon, and Optimism also offer significant discounts on the XSD price, ranging from 92.14% to 95.13%. These varying prices across blockchains present users with opportunities to acquire XSD at different rates, maximizing potential savings.
It is unclear when or if BankX is going to notice and resolve the vulnerabilities in their smart contract.
Further Analysis
BankX is a decentralized financial platform focused on its stablecoin, XSD, which is pegged to the price of 1 gram of silver, offering users a unique way to store value and earn interest. The platform allows minting of XSD, earning rewards, and participating in activities like buying NFTs, joining a leaderboard, and a referral program. In February 2025, BankX again faced a security breach where its XSD-WBNB pool on BSC was attacked, resulting in the loss of about 57 BNB. The attack exploited a re-entrancy vulnerability in the platform’s smart contract, allowing the attacker to manipulate XSD prices by burning tokens and profiting from price manipulation. It remains uncertain when or if BankX will address these vulnerabilities.
How Could This Have Been Prevented?
More Cryptocurrency Exchange Hacks/Scams/Frauds
CashVerse BNB To AdaCash DepositBNB Sandwich Attack > > < < JupiterDAO $MEOW Token Rug Pull Jokes From Twitter/X
Sources/Further Reading
SlowMist - "SlowMist Security Alert We detected potential suspicious activity related to @BankXio. As always, stay vigilant!" - Twitter/X (Dec 31)
Bankx.io Homepage (Dec 31)
Bankx.io About (Dec 31)
What You Can Do? The BankX System Has Many Uses & Ways To Profit. - BankX Docs (Dec 31)
Intermediate: LOOPING!!! LOOPING Liquidation Free! = BankX Docs (Dec 31)
Tikkala Research - "Token $XSD was attacked again @BankXio, the victim contract 0xaadae9117df8b5d584378a41a105cc4862a16e99 lost about ~57BNB and it worth about $32k." - Twitter/X (Dec 31)
Tikkala Research - "It's not a new attack; the vulnerability is the same as before. The latest hack transaction and the previous hack transaction are similar. Both are caused by a re-entry issue and then triggered burnpoolXSD(), which also changes...ter/X (Dec 31)
ExVulSec - Security Alert our team has found some suspicious transfers with @BankXio. Keep an eye out for your assets!" - Twitter/X (Dec 31)
@cryptocrim66608 Twitter (Dec 31)
BlockThreat - Week 6, 2025 (Dec 31)
BankX Open Discussions: Crypto, AI, Trump, Market & Stablecoins - Twitter/X (Dec 31)
Attack Transaction - BSCScan (Dec 31)
Second Attack Transaction - BSCScan (Dec 31)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|