Knownsec Blockchain Lab | Belt Finance Attack Event Analysis
Preface
According to an official tweet, on May 30 the Belt Finance project on the BSC chain was hit by a flash loan attack. Knownsec Blockchain Lab tracked and analyzed the incident promptly.
Analysis
Address information
Attack contract:
0x4eB362934D56f2669a712Cb92d316cd465921B5D
Attack tx:
Attack process
1. The attacker first borrowed 8 flash loans from PancakeSwap, totaling 385M BUSD
2. 10M BUSD is transferred to the bEllipsisBUSD strategy, and 187M BUSD is transferred to the bVenusBUSD strategy
3. Exchange 190M BUSD to 169M USDT in Ellipsis
4. Withdraw BUSD in the bVenusBUSD strategy
5. Exchange 169M USDT to 189M BUSD in Ellipsis
6. Deposit BUSD into the bVenusBUSD strategy
7. Repeat steps 3-6 seven times to make a profit
8. Return the flash loan and convert the assets obtained from the attack into ETH in batches through the Nerve (Anyswap) cross-chain bridge
Summary
Because the price of beltBUSD is calculated from the sum of the balances of all the other pools, the attacker manipulated other strategies to move the beltBUSD price, then bought and sold BUSD repeatedly to make a profit.
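The root cause above can be seen in a small model. The Python below is an added illustration, not Belt Finance's contract code and not part of Knownsec's analysis: the Strategy and Vault classes, the spot_rate valuation, the checkpoint and the 50 bps tolerance are assumptions, and all numbers are constructed. It shows the share price following one strategy's reported balance, and a guard that refuses to price deposits or withdrawals after such a swing.

```python
# Added illustration: constructed model, not Belt Finance code.
from dataclasses import dataclass

@dataclass
class Strategy:
    name: str          # strategy names are taken from the write-up
    units: float       # position size held by the strategy (constructed)
    spot_rate: float   # BUSD per unit read from current pool state (assumption)

    def balance(self) -> float:
        return self.units * self.spot_rate

class Vault:
    """Multi-strategy vault: share price = sum(strategy balances) / shares."""
    def __init__(self, strategies, total_shares, max_drift_bps=50):
        self.strategies = strategies
        self.total_shares = total_shares
        self.max_drift_bps = max_drift_bps      # hypothetical tolerance
        self.checkpoint = self.spot_price()     # price stored in an earlier block

    def spot_price(self) -> float:
        return sum(s.balance() for s in self.strategies) / self.total_shares

    def drift_bps(self) -> float:
        return abs(self.spot_price() - self.checkpoint) / self.checkpoint * 10_000

    def guarded_price(self) -> float:
        # Refuse to quote a deposit/withdraw price after a swing since the checkpoint.
        if self.drift_bps() > self.max_drift_bps:
            raise RuntimeError(f"share price moved {self.drift_bps():.0f} bps")
        return self.spot_price()

def demo():
    ellipsis = Strategy("bEllipsisBUSD", units=100.0, spot_rate=1.00)
    venus = Strategy("bVenusBUSD", units=100.0, spot_rate=1.00)
    vault = Vault([ellipsis, venus], total_shares=200.0)
    before = vault.guarded_price()
    ellipsis.spot_rate = 0.90    # constructed: one strategy's valuation is skewed
    skewed = vault.spot_price()  # unguarded price follows the skew immediately
    try:
        vault.guarded_price()
        blocked = False
    except RuntimeError:
        blocked = True
    return before, skewed, blocked

if __name__ == "__main__":
    print(demo())
```

A spot-summed price shifts as soon as any single strategy's reported balance shifts, which is why the guard compares against a value recorded before the current transaction could influence it.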
Attacks on the BSC chain have been frequent recently, and contract security urgently needs attention. BSC officials have also tweeted that a hacker team is suspected of targeting BSC, and they urge all project teams to take precautions: contract audits, risk control measures, and emergency plans must be in place.
About Us: Knownsec Blockchain Lab has a team of top international blockchain security experts and 9 years of experience in security services for leading blockchain companies. It has carried out security audits and defense deployments for the world's leading digital currency exchanges, wallets, underlying public chains, smart contracts and other projects, and maintains leading domestic core competitiveness in blockchain technology security, risk control security, and anti-hacking security.