BurgerSwap Attack Analysis

lunaray
Dec 14, 2021

Event background

BurgerSwap is an automated market maker (AMM) on Binance Smart Chain (BSC) with a governance incentive mechanism. The BURGER token is the platform's native BEP-20 governance token, and users earn BURGER rewards by providing liquidity to the platform.

According to information monitored by the Lunaray blockchain security intelligence platform, on May 28, 2021 BurgerSwap's official Twitter account announced that it had been hit by a flash loan attack and that the Swap and BURGER functions had been suspended. The full analysis of the incident follows.

Attack information

Attacker's wallet address: https://bscscan.com/address/0x6c9f2b95ca3432e5ec5bcd9c19de0636a23a4994

Attacker's contract address: https://bscscan.com/address/0xae0f538409063e66ff0e382113cb1a051fc069cd

Attacker's first transaction: https://bscscan.com/tx/0xac8a739c1f668b13d065d56a03c37a686e0aa1c9339e79fcbc5a2d0a6311e333

DemaxPlatform contract address: https://bscscan.com/address/0xbf6527834dbb89cdc97a79fcd62e6c08b19f8ec0#code

DemaxPair contract address: https://bscscan.com/address/0x7ac55ac530f2c29659573bde0700c6758d69e677#code

Attack process

The screenshot above shows the attacker's 13 main transactions. Starting from the first transaction marked in the picture, the 12 transactions in groups 2 and 3 follow essentially the same pattern and differ only in which token is stolen. We therefore analyze the first transaction in detail, walking through the screenshots one by one.

Step 1: The attacker's contract borrows 6,047 BNB through a flash loan.

Step 2: The attacker swaps 6,028 BNB for 92,677 BURGER through BurgerSwap.

Step 3: Two operations here are the crux of the flash loan attack. The attacker adds liquidity with 100 units of a token he created himself and 45,452 BURGER, and then uses that pair in the exchanges that follow: the attacker's own token is swapped for 4,478 BNB, and 45,452 BURGER is swapped for a further 4,478 BNB. As the figure above shows, the attacker now holds 8,956 BNB, already more than the 6,047 BNB borrowed through the flash loan.

Step 4: The attacker swaps 491 BNB for 108,791 BURGER. A small amount of BNB now buys a large amount of BURGER, because the pool's price has been pushed out of line by the previous step.

Step 5: The attacker repays the 6,047 BNB borrowed through the flash loan.

Up to this point the attacker has obtained a large amount of BURGER and BNB. In the subsequent 12 transactions the attacker used the same method to obtain a variety of tokens. The amounts are as follows: 4,400 WBNB, 22,000 BUSD, 2.5 ETH, 1.4 million USDT, 432,000 BURGER, 142,000 xBURGER and 95,000 ROCKS, worth more than 7 million US dollars in total.

Reasons for the success of the attack

The illustration of step 3 shows that the event emitted each of the two times 4,478 BNB is obtained is SwapToken of the DemaxPlatform contract. Following up the contract, the method called first is swapExactTokensForTokens.

The swap method looks very much like the Uniswap V2 contract, but after the DemaxPair contract performs the exchange it never checks the constant-product K value of the token reserves, and that missing check is what lets the second exchange go through. Within a single transaction the attacker therefore called swapExactTokensForTokens twice, each call reaching a swap that performs no K check, and walked away with a large profit.
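To make the missing check concrete, here is an added Python model (not code from BurgerSwap or the DemaxPair contract) of a Uniswap V2 style pair whose swap() can run with or without the constant-product K check. The 0.3% fee and the 10,000/10,000 pool are assumed, constructed values. The router path computes the output from the recorded reserves the way getAmountOut does; the second call pays the same input but asks the pair directly for ten times the fair output. With the K check the pair rejects that call, because the check is the pair's own proof that the tokens it received cover the tokens it sends out; without it the pair pays whatever amount the caller requests, which is why a second exchange could succeed here.

```python
# Added example, not code from BurgerSwap or the DemaxPair contract: a Python model of a
# Uniswap V2 style pair, with `check_k` toggling the constant-product check in swap().
from dataclasses import dataclass

FEE_NUM, FEE_DEN = 3, 1000   # 0.3% swap fee; an assumed figure, not BurgerSwap's parameters


class SwapRejected(Exception):
    """Raised where the Solidity contract would revert."""


@dataclass
class Pair:
    reserve0: int          # reserves recorded at the last _update(); what getAmountOut reads
    reserve1: int
    balance0: int          # tokens the pair contract actually holds
    balance1: int
    check_k: bool = True   # False models a pair whose swap() omits the K check

    def swap(self, amount0_out: int, amount1_out: int) -> None:
        """Mirrors UniswapV2Pair.swap(): send the outputs, then verify the invariant."""
        if amount0_out >= self.reserve0 or amount1_out >= self.reserve1:
            raise SwapRejected("INSUFFICIENT_LIQUIDITY")
        # optimistic transfer of the requested outputs
        new0 = self.balance0 - amount0_out
        new1 = self.balance1 - amount1_out
        # the inputs are whatever the caller already transferred in on top of the reserves
        amount0_in = max(new0 - (self.reserve0 - amount0_out), 0)
        amount1_in = max(new1 - (self.reserve1 - amount1_out), 0)
        if amount0_in == 0 and amount1_in == 0:
            raise SwapRejected("INSUFFICIENT_INPUT_AMOUNT")
        if self.check_k:
            # fee-adjusted balances must keep x*y at or above the previous reserves' product;
            # this is the pair's own proof that the input covers the output
            adj0 = new0 * FEE_DEN - amount0_in * FEE_NUM
            adj1 = new1 * FEE_DEN - amount1_in * FEE_NUM
            if adj0 * adj1 < self.reserve0 * self.reserve1 * FEE_DEN ** 2:
                raise SwapRejected("K")
        # _update(): balances and reserves now agree
        self.balance0, self.balance1 = new0, new1
        self.reserve0, self.reserve1 = new0, new1


def get_amount_out(amount_in: int, reserve_in: int, reserve_out: int) -> int:
    """UniswapV2Library.getAmountOut(): the router's idea of a fair output."""
    amount_in_with_fee = amount_in * (FEE_DEN - FEE_NUM)
    return amount_in_with_fee * reserve_out // (reserve_in * FEE_DEN + amount_in_with_fee)


def router_swap_exact_token0_for_token1(pair: Pair, amount_in: int) -> int:
    """Honest router path: pay amount_in of token0, take the computed token1 output."""
    amount_out = get_amount_out(amount_in, pair.reserve0, pair.reserve1)
    pair.balance0 += amount_in          # transferFrom(user -> pair)
    pair.swap(0, amount_out)
    return amount_out


def direct_swap_demanding(pair: Pair, amount_in: int, amount1_out: int) -> str:
    """Pay amount_in of token0 but call swap() directly and demand amount1_out of token1."""
    pair.balance0 += amount_in
    try:
        pair.swap(0, amount1_out)
    except SwapRejected as exc:
        pair.balance0 -= amount_in      # a revert also undoes the deposit
        return f"rejected: {exc}"
    return "paid"


def demo() -> dict:
    """Run the same two swaps against a pair with and without the K check."""
    results = {}
    for check_k in (True, False):
        pair = Pair(10_000, 10_000, 10_000, 10_000, check_k)     # constructed pool
        honest = router_swap_exact_token0_for_token1(pair, 100)  # fair output: 98
        # pay the same 100 token0 again, but demand ten times the fair output
        verdict = direct_swap_demanding(pair, 100, 1_000)
        results[check_k] = (honest, verdict, pair.reserve1)
    return results


if __name__ == "__main__":
    for check_k, (honest, verdict, reserve1) in demo().items():
        print(f"check_k={check_k}: honest swap got {honest}, overdemand {verdict}, "
              f"token1 reserve now {reserve1}")
```

The two pairs differ only in the K check; the router's price computation and the input accounting are identical, so an audit that only reads the router's getAmountOut arithmetic would not find the problem. The check has to live in the pair, because the pair is the contract that actually releases the tokens.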

Summary

In this incident the attacker combined flash loans with a defect in the code, the missing constant-product K check, to obtain a large number of tokens. Flash loan attacks of this kind are now common. Why do they happen so frequently? For DeFi projects, secure contract code, a relatively stable token price and timely upgrades of old versions are essential to the security of the project. When forking another project's code, understand how the code works and modify it carefully according to your own project logic. For this type of flash loan attack, the security team of Zero Hour Technology gives the following suggestions:

Security advice

For contract code security, have several security audit companies audit the code.

The LP price and the reward-minting code should be strictly reviewed and calculated according to the business logic, to avoid minting large amounts that can be controlled through parameters.

Use trusted and secure oracles, such as the Chainlink decentralized oracles adopted by Alpha Homora.

Sensitive code must be updated and improved promptly.


lunaray

Lunaray takes a leading position in smart contract auditing and consulting service for blockchain security.