Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
The DeFi protocol xWin Finance based on Binance Smart Chain was attacked by lightning loans. The xWin Finance token XWIN has fallen by nearly 90% in 24 hours. The attacker used xWin Finance's "reward mechanism" to continuously add and remove liquidity to obtain rewards. Under normal circumstances, due to the small amount of users added, the gains may be small, or even not enough to pay the handling fees; but in the face of huge amounts of funds, the rewards will become abnormally high. Attack method (per SlowMist): Flash Loan Attack. Reported loss: $ 281,599.
- chain
- bsc
- protocol
- xWin Finance
- bug_class
- flashloan
- date_occurred
- 2021-06-25
- loss_usd
- $281,599
- source_id
- sm:xwin-finance::2021-06-25