- Binance Smart Chain’s Pancake Bunny suffers huge flash loan exploit.
- The attack reduced BUNNY’s value to almost zer.
- BUNNY suffered a $50 million loss, with $110 million vanishing from market cap.
Pancake Bunny has been updating its users from its official Twitter account since then:
Attention Bunny Fam
Our project has suffered a flash loan attack from an outside exploiter.
We will be posting a post mortem, in depth analysis, but for the time being we would like to update the community as to how this happened.
— pancakebunny.finance (@PancakeBunnyFin) May 20, 2021
Offering an explanation of how the attack took place, the project mentioned how first, the hacker used PancakeSwap to borrow a large amount of BNB. Next, they went to manipulate the price of USDT/BNB as well as BUNNY/BNB. As a result, they ended up getting a huge amount of BUNNY through the flash loan.
Finally, they dumped all the BUNNY on the market, causing a rapid fall in price. They then paid back the BNB through PancakeSwap.
At first, the loss was estimated to be around $1 billion. Along with that, BUNNY’s price plummeted to virtually nothing following the attack. However, since then Pancake Bunny has recalculated the loss to around $50 million only. It has also confirmed that no user vaults have been breached. The attack was an economic exploit affecting only the price of BUNNY.
Even so, around almost $110 million has disappeared from BUNNY token’s market cap, leaving quite a big hole in traders’ pockets. Rubbing salt on wounds, the attacker left a rabbit-related pun as a transaction note. “Aren’t Flashloans Earitating”, it read.
Pancake Bunny is constantly updating the community regarding the situation, trying to control the loss as well as they can. Currently, users can withdraw their deposits and pool profits, excluding BUNNY. They will also not pay the 30% performance fee.