Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
According to ExVul monitoring, a TMM/USDT reserve manipulation attack occurred on the BSC (BNB Chain), resulting in a loss of approximately 1.665 million USDT. The attacker utilized flash loans from Lista DAO Moolah, Venus, Aave V3, PancakeSwap Vault, and Uniswap PoolManager to manipulate the TMM/USDT trading pair. By burning TMM to a dead address, the attacker reduced the pair's reserve to just 1 TMM, subsequently swapping 850 million TMM for approximately 272 million USDT. After repaying all flash loans, the attacker transferred a net profit of roughly 1.665 million USDT to associated addresses. Attack method (per SlowMist): Flash Loan Reserve Manipulation. Reported loss: $ 1,665,000.
- chain
- bsc
- protocol
- BSC TMM/USDT
- bug_class
- flashloan
- date_occurred
- 2026-04-04
- loss_usd
- $1,665,000
- source_id
- sm:bsc-tmm-usdt::2026-04-04