Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The DeFi protocol Bogged Finance officially stated that hackers carried out a lightning loan attack on the staking function vulnerability of BOG token contracts and withdrew 3 million US dollars from the liquidity pool. The hackers used the Pancake Pair Swap code to withdraw the pledge before the contract verification was completed. income. The official team stated that the remaining 8 million US dollars in the current liquidity pool is safe. The vulnerabilities used by hackers have been "blocked" and cannot be reused. The tools provided by Bogged Finance are still safe to use, and the team is repairing the front end. Display the problem. Attack method (per SlowMist): Flash loan attack. Reported loss: $ 3,000,000.
- chain
- —
- protocol
- Bogged Finance
- bug_class
- flashloan
- date_occurred
- 2021-05-23
- loss_usd
- $3,000,000
- source_id
- sm:bogged-finance::2021-05-23