Back to the list

BlockSec Spots Suspicious Activities on BSC Network; Suspects Hacks

source-logo  coinedition.com 05 February 2023 09:59, UTC

The blockchain security platform, Blocksec, destined to provide reliable security services through its cutting-edge research, spotted and informed the crypto aspirants about “some suspicious behaviors” on Binance Smart Chain (BSC).

On February 4, Blocksec tweeted that a specific address, is suspected to launch attacks on BSC:

1/ We observed some suspicious behaviors on BSC. Specifically, the address 0x52fb0518e43b3d8d6d5af4f12961234a671cfd8e is suspected to launch several attacks by exploiting the flashloan callbacks of some contracts (trading bots?) to harvest tokens. pic.twitter.com/eFhCqdxgbM

— BlockSec (@BlockSecTeam) February 4, 2023

In detail, the platform identified that the wallet with the address 0x52fb0518e43b3d8d6d5af4f12961234a671cfd8e would inflict the BSC network with several attacks by “exploiting the flashloan callbacks of some contracts (trading bots?) to harvest tokens”.

Interestingly, to make the findings more transparent, BlockSec illustrated with an example of an attack on a transaction via a specific user address:

As an example, the attack contract (0x9301) directly called the BiswapCall callback of the bot and pretends to be a Biswap pair. The bot contract then transfers tokens to the attack contract and made a dummy trade.

Notably, through the example, BlockSec tried to elucidate the processes involved in attacking the network with the aid of a “dummy trade”.

In a subsequent tweet, BlockSec added that the initial fund came from Tornado Cash, the open-source, non-custodial decentralized cryptocurrency tumbler. Later, the harvested tokens were transferred from the attack contract to the attacker.

So far, the community hasn’t reacted much to the information; the comments received by the tweeter are minimal. The only comment received said that the transactions seem just “like a Financial maneuver”.