BNB loss of $226,000! How the BFB Token’s security protocol became its own worst enemy


One vulnerability targeted the BFB token’s misprice defense mechanism rather than the PancakeSwap liquidity pool itself.

Investigators traced the attack to a logical flaw in BFB’s price defense mechanism on the BNB chain. The attacker first funded gas fees with assets routed through Railgun, a privacy protocol that obscures transaction assets.

Attack using money obtained via RailgunAttack using money obtained via Railgun
Source: BscScan

Then, repeatedly using the value zero Move from () Calls to move _priceDeflPool() With a flash loan, the attacker burned 5% of BFB tokens in the liquidity pool. This has been done about 151 times.

In each iteration, the value is zero Move from () Connection between externally owned accounts (EOAs) triggered _priceDeflPool() job. This caused the contract to burn 5% of the BFB tokens stored in the PancakeSwap liquidity pool and immediately connect sync() To update pool reserves.

How did the attacker drain the swimming pool?

Here, after almost exhausting the BFB reserve, RHe is the attacker Expendables Approximately 396.43 Binance (BNB) (about 226,000 USD) by exchanging a small amount of BFB for almost all coins BNB Bank In the pool.

False price defense for BFB tokenFalse price defense for BFB token
Source: BscScan

The attacker later converted the stolen BFB to BNB and left the funds in the wallet 0x3BFA…6b0F without transferring them.

Investigators identified a logical flaw in BFBToken’s price defense mechanism as the root cause. They continue to monitor the wallet for any outgoing transfers.

The attacker also incorporated several techniques, including liquidity pool drain, reserve manipulation, automated market maker (AMM) price manipulation, flash loans, logic exploits, zero-value transaction abuse, loop execution, and Railgun financing.

An alarming rise in attacks

This coincided with TRM Labs data reveals a record 207 security breaches In the first half of 2026.

Cryptocurrency breakthroughs in the first half of 2026Cryptocurrency breakthroughs in the first half of 2026
Source: TRM Laboratories

However, total losses fell sharply to $972 million, less than half of the $2.3 billion stolen during the same period in 2025.

The attack also came Polymarket’s recent phishing incidentwhere attackers compromised the front-end and manipulated what users viewed and signed.

Summer.fi’s autopsy also showed that the attackers spent about three months preparing the $6.04 million Lazy summer protocol Exploit it before implementing it.


Final summary

  • 396.43 BNB was drained by the attacker in exchange for a small amount of BFB.
  • A logic error in BFBToken’s price defense mechanism was the root cause of this attack.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *