BlockSec: BSC Chain BCE Token Burn Mechanism Vulnerable, Hacker Exploits Arbitrage to the Tune of Around $679,000

BlockBeats News, March 23rd, according to BlockSec monitoring, a few hours ago a suspicious transaction targeting the BCE–USDT liquidity pool on PancakeSwap (running on BNB Smart Chain) was detected, resulting in approximately a $679,000 loss.

Preliminary analysis indicates that the root cause of the issue lies in the vulnerability of the BCE token's burn mechanism. The attacker deployed two malicious contracts, bypassed the buy/sell limit, and triggered token burns within the liquidity pool.

This operation led to an artificial distortion of the pool's asset reserves, allowing the attacker to successfully drain the BCE–USDT liquidity pool, profiting around $679,000.