BSC News

Spartan Pools v1 Exploited Using Flash Loans, $30m Hacked.

Binance Smart Chain (BSC) network has experienced another hack with the recent Spartan Pool exploit. The exploit appears to be a sophisticated and expensive one as details unravel.

Spartan V1 Pools Exploited

The Tweet from Spartan Protocol signalling to the Crypto Twitter (CT) community of a code exploit that successfully drained the V1 LP pool shows a sophisticated and expensive hack. 

Spartan has outlined the transaction details from Bscscan, showing the successful transactions that resulted in the exploit on the pool. As outlined by the Tweet, $61 million in Binance coin (BNB) was used in an economic exploit to overcome the pools, removing roughly $30 million in funds.

BSCscan Proof of Transaction indicating the Spartan Pool Exploit

Details of What Happened

As shared by PeckShield Inc via their detailed Medium blog, the incident occurred due to flawed logic. This error was apparent in calculating the liquidity share when the pool token is burned to withdraw the underlying assets. 

The Exploited Spartan Code

In particular, the specific hack inflates the asset balance of the pool before burning the same amount of pool tokens. It allowed the exploiter to claim an unnecessarily large amount of underlying assets. The consequence of this attack results in more than a $30M loss from the affected pool. The incident, also connected to a flash loan on PancakeSwap, serves as the medium through which the hacker borrowed the $61 million worth of BNB to drain the pool. This is a devastating hack for the protocol LP users.

In Conclusion 

Hacks are starting to become prevalent on the BSC network; recently, Uranium Finance was also exploited. The prevalence of these incidents shows the vulnerability of codes and how that in reality, DeFi security is never 100% guaranteed.

Always stay safe on your funds and ensure to use only spare funds for DeFi based actions.

How would you rate this article?

Related News