$700,000 drained from BNB Chain-based DeFi protocol LaunchZone

Published at: Feb. 27, 2023

$700,000 worth of funds has been drained from BNB Chain DeFi protocol LaunchZone, with the project alleging that an attacker has carried out an exploit.

Details remain scarce after more than 80% of funds in the LaunchZone liquidity pool were drained on Feb. 27. A message on the project’s official Telegram group warned users not to buy tokens until more information has been gathered:

“$LZ is being hacked from DND exploiter. The team is handling the situation, please don't buy the token at this stage. Please keep calm. We will update timely (sic).”

The value of LaunchZone’s native token $LZ dropped by over 80% as funds were swapped out through PancakeSwap as per blockchain data from a number of different blockchain explorers.

LaunchZone has over 44,000 members on its Telegram channel and some 275,000 followers on Twitter. The project has not made any warnings or announcements to its large Twitter following and Facebook page is yet to respond to requests for comment from Cointelegraph.

The BNB Chain ecosystem has grappled with hacks and exploits over the past year. The BNB Chain itself fell prey to a $100 million exploit in October 2022 that resulted in a hard fork. Attackers had taken advantage of a cross-chain exploit.

Web3 infrastructure firm Jump Crypto also identified and disclosed a critical vulnerability to the BNB Chain team in February 2023. The exploit could have allowed an attacker to mint an unlimited amount of tokens via malicious transfers. The BNB team patched the vulnerability before it was disclosed to the wider public.

This is a developing story, and further information will be added as it becomes available.

Tags

Defi

Hacks

Hackers

Bsc

Decentralized Exchange

Related Posts

Furucombo to issue iouCOMBO tokens to repay victims of $15M exploit

Decentralized finance transaction combination tool Furucombo will compensate the victims of a recent “evil contract” exploit that cost the protocol $15 million in stolen funds. Following an internal call with affected users last week, Furucombo released a compensation plan Tuesday, announcing that they will issue 5 million iouCOMBO tokens to the victims of the breach. Issued in the form of ERC-20 tokens, iouCOMBO tokens will represent the rights to claim Furucombo’s COMBO tokens in the recovery pool. Out of a total of 100 million COMBO tokens, 5 million coins have been allocated to the recovery pool, and are subject to …

Technology / March 9, 2021

Transaction batching protocol Furucombo suffers $14 million “evil contract” hack

The latest “evil contract” exploit has netted an attacker over $14 million in stolen funds. Furucombo, a tool designed to help users “batch” transactions and interactions with multiple decentralized finance (DeFi) protocols at once, fell victim to the attack at roughly 4:45 pm UTC, which centered on token approvals from users. The attacker’s address currently has $14 million worth of various cryptocurrencies, but the attack appears to be larger as they have been transferring ETH to privacy mixer Tornado Cash in batches over the last hour. This attack is conceptually similar to the $20 million “evil jar” attack that struck …

Ethereum / Feb. 27, 2021

The aftermath of Axie Infinity’s $650M Ronin Bridge hack

In late March, Ronin, an Ethereum sidechain built for the popular play-to-earn nonfungible token game Axie Infinity, was hacked for over 173,600 Ether (ETH) and 25.5 million USD Coin (USDC) for a combined value of over $600 million. The breach on the Ronin bridge was confirmed by Sky Mavis, the developers behind the popular play-to-earn (P2E) game: There has been a security breach on the Ronin Network.https://t.co/ktAp9w5qpP — Ronin (@Ronin_Network) March 29, 2022 The official report from the company noted that the hackers managed to get access to private keys to validator nodes resulting in the compromise of five validator …

Blockchain / April 12, 2022

Hacker bungles DeFi exploit: Leaves stolen $1M in contract set to self destruct

In a rare comedic bungle among decentralized finance (DeFi) exploits, an attacker has fumbled their heist at the finish line leaving behind over $1 million in stolen crypto. Just after 8:00 am UTC on Thursday, blockchain security and analytics firm BlockSec shared it had detected an attack on a little-known DeFi lending protocol called Zeed, which styles itself a “decentralized financial integrated ecosystem.” The attacker exploited a vulnerability in the way the protocol distributes rewards, allowing them to mint extra tokens, which were then sold, crashing the price to zero, but netting just over $1 million for the exploiter. Blockchain …

Defi / April 22, 2022

Mango Markets exploiter said actions were ‘legal,’ but was it?

The $117 million Mango Markets exploiter has defended that their actions were ‘legal,’ but a lawyer suggests that they could still face consequences. Self-described digital art dealer Avraham Eisenberg, outed himself as the exploiter in a series of tweets on Oct. 15 claiming he and a team undertook a “highly profitable trading strategy” and that it was “legal open market actions, using the protocol as designed.” I believe all of our actions were legal open market actions, using the protocol as designed, even if the development team did not fully anticipate all the consequences of setting parameters the way they …

Defi / Oct. 18, 2022