Another major DeFi protocol based on Binance Smart Chain has been hacked. Hackers took about $7.2 million out of the BurgerSwap protocol with a quick credit attack.
According to a statement by the developers of BurgerSwap on Twitter, the protocol was attacked using fast credits – a fairly popular way for hackers to extract crypto assets from DeFi protocols. In a statement, the developers of BurgerSwap claim that they will try to compensate users for all losses, which at the moment amounted to about $7.2 million.
Quick loans allow anyone with even a small amount of assets to access large amounts of money in a short period of time. Thus, attackers can manipulate the prices of tokens in the project’s storage, distorting the data provided by the oracle of the platform, as well as on the DEX, from where it receives this data.
Then the attackers can quickly buy the sharply cheaper tokens and pay off the quick loan soon after. The danger of these attacks lies in their simplicity and in the fact that they do not require special technical knowledge. The BurgerSwap team claims to be “working on a solution”. JulSwap, another DeFi protocol on BSC, appears to have suffered a similar attack; however, the CEO of JustLiquidity stated that the protocol was not hacked.
Binance Smart Chain, launched last September, has grown dramatically due to low fees, but some recent incidents with DeFi protocols have cast a shadow over the network’s performance. In May, the DeFi PancakeBunny protocol was attacked by hackers using instant loans, as a result of which the attackers withdrew $200 million worth of crypto assets. Spartan Protocol, bEarn Fi, Uranium Finance, and several other BSC projects suffered the same fate. Recently, Binance stated that it is not responsible for hacks and vulnerabilities of the DeFi protocols on the Binance Smart Chain blockchain, and cannot conduct “kickbacks” and return the stolen money.