QI Quadriga Initiative

Nov 2024 - MFT Token Contract Flawed Transfer Logic - $34k (Global)

MFT is a smart contract on the Binance Smart Chain.

"The root cause is in the flawed logic of transfer(), which will burn token from the pool when user tries to sell token.

So attacker first makes a few transfers to the pair to trigger the sell in the MFT transfer(), this setup makes sure the MFT balance of MFT token itself will not interfere with the subsequent attack, and then buys a large amount of MFT, making the MFT balance of the pair really low, and then sells an equal amount of MFT again, and due to burn [mechanism], the pool is drained.

Interestingly the attacker transfers all profit to a self-created pair of another token for no obvious reason, we have seen similar way of this handling a couple of times, indicating it is very likely from a seasoned attacker."

"Our system has detected a suspicious attack involving #MFT on #BSC, resulting in an approximate loss of $33.7K."

Further Analysis

MFT was a smart contract on the Binance Smart Chain. On November 17th, a vulnerability in the smart contract was exploited. The attacker ultimately transferred their gains into another token trading pair that they created.
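A token whose sell path burns from the pool, as the quoted analysis describes, can be caught before deployment by checking that no buy-then-sell round trip ever returns more than was paid in. The following is an added example, not the MFT contract's code or the analysts' tooling; the fee-free constant-product pair, the `burn_bps` parameter and the reserve figures are constructed assumptions.

```python
# Simplified model (assumption): fee-free constant-product pair. The token's
# sell hook burns `burn_bps` of the sold amount from the pair's own balance and
# re-syncs reserves before the swap is priced. The real MFT code is not on this
# page, so the burn share is a parameter, not a known value.

class Pair:
    def __init__(self, token_reserve, quote_reserve, burn_bps=0):
        self.token = token_reserve   # token units held by the pair
        self.quote = quote_reserve   # quote asset (e.g. a stablecoin) in the pair
        self.burn_bps = burn_bps     # share of each sell burned from the pair

    def buy(self, quote_in):
        """Swap quote for token at x*y=k; returns the token amount sent out."""
        out = self.token * quote_in // (self.quote + quote_in)
        self.token -= out
        self.quote += quote_in
        return out

    def sell(self, token_in):
        """Swap token for quote; the burn hook fires first and shrinks the pool."""
        burn = min(token_in * self.burn_bps // 10_000, self.token - 1)
        self.token -= burn           # flawed step: pool balance burned, then synced
        out = self.quote * token_in // (self.token + token_in)
        self.token += token_in
        self.quote -= out
        return out


def round_trip_profit(burn_bps, quote_in, token_reserve=1_000_000, quote_reserve=50_000):
    """Quote gained (+) or lost (-) by buying and immediately selling back."""
    pair = Pair(token_reserve, quote_reserve, burn_bps)
    bought = pair.buy(quote_in)
    return pair.sell(bought) - quote_in


def audit_round_trips(burn_bps, sizes=(100, 10_000, 1_000_000)):
    """Trade sizes whose round trip is profitable; a sound token yields none."""
    return [q for q in sizes if round_trip_profit(burn_bps, q) > 0]


if __name__ == "__main__":
    print("no burn      :", audit_round_trips(0))
    print("burn on sell :", audit_round_trips(10_000))
```

With the burn disabled every round trip loses to rounding; with the burn taken from the pair, the largest constructed trade recovers almost the entire quote reserve, which is the condition a pre-deployment test should fail on.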

How Could This Have Been Prevented?


Sources/Further Reading

BNB Smart Chain Transaction Hash (Txhash) Details | BscScan (Dec 31)
Contract Address 0x6e088c3dd1055f5dd1660c1c64de2af8110b85a8 | BscScan (Dec 31)
BNB Smart Chain Transaction Hash (Txhash) Details | BscScan (Dec 31)
@TenArmorAlert Twitter (Dec 31)
Contract Address 0x84b45294404c165e9cc60b69fc9be3ac97db1aab | BscScan (Dec 31)
MFT (MFT) Token Tracker | BscScan (Dec 31)



Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected User. For questions or enquiries, email info@quadrigainitiative.com.