DeFi-project BurgerSwap lost $7.2 million due to the attack

Two DeFi protocols based on Binance Smart Chain – BurgerSwap and Julswap — were attacked using instant loans.

The BurgerSwap team reported that during 14 transactions, the attacker withdrew $7.2 million. Part of it fell on BURGER and xBURGER tokens, funds in WBNB, BUSD and Ethereum were also stolen. Representatives of the project promised to cover the losses.

The Block analyst Igor Igamberdiev noted that the unknown took advantage of a feature that allowed him to conduct repeated swaps before updating reserves, which are used to calculate the number of tokens in the operation.

A similar attack vector was observed in Julswap.

The CEO of the project Tobias Graf [Tobias Graf] denied hacking and exploit. According to him, the team will provide details of the incident in the near future.

Over the past day, the BurgerSwap (BURGER) token has collapsed by 18%, according to CoinGecko. After the attack, the price of JulSwap (JULD) fell from $0.062 to $0.035. At the time of writing, the coin is trading at $0.047.

A previously unknown person with the help of instant loans withdrew funds from the PancakeBunny DeFi project. The price of the token has collapsed by more than 80%.

In May, xToken lost $25 million due to a hacker attack. The attacker took an instant loan of 61,800 ETH, and then used two exploits.