DIP token double-transfer bug lets attacker drain $111K USDC from PancakeSwap pool

𝕏/@SlowMist_Team •

Revision history

3 recorded changes

Want your article here?

SlowMist says an attacker drained 111,097.596667856001191208 USDC, about $111,097.6, from a PancakeSwap DIP liquidity pool by abusing DIP’s `_transfer()` logic. The bug was a missing `return` in the router branch, causing transfers involving the PancakeSwap Router to execute twice; the attacker repeatedly called `skim(router)` and then `sync()` to crush reserves and skew the AMM price. SlowMist identified the attacker as `0x0d4024cd27538350a911d9b7ee90811fa4875ba3`, the victim pair as `0xf7d8267d01d1104da2dd30828aa9c0e1647919ef`, and the vulnerable token as `0x6c60bf5db0670ae94489d3dde2c60f271625db50`.

TLDR by @Benthic

DIP token double-transfer bug lets attacker drain $111K USDC from PancakeSwap pool

More on $USDC

Kraken brings Solana DEX trading to its main app, letting users access thousands of onchain tokens via USD and USDC while planning support for more networks

Ready users report USDC card cutoffs outside EEA after issuer switch gives one-hour warning

Zama, Morpho, and Steakhouse launch Ethereum’s first confidential DeFi yield vault, enabling institutions to earn on encrypted USDC without revealing positions

Despite the rise of Stablecoin payment applications, P2P remains dominant as users prioritize better exchange rates over convenience in stablecoin payments

dYdX mobile adds MoonPay fiat deposits via card payments, Apple Pay, and Google Pay

Circle sent $4B on-chain to Coinbase. No bank wire required.

Kraken brings Solana DEX trading to its main app, letting users access thousands of onchain tokens via USD and USDC while planning support for more networks

Ready users report USDC card cutoffs outside EEA after issuer switch gives one-hour warning

Zama, Morpho, and Steakhouse launch Ethereum’s first confidential DeFi yield vault, enabling institutions to earn on encrypted USDC without revealing positions

Despite the rise of Stablecoin payment applications, P2P remains dominant as users prioritize better exchange rates over convenience in stablecoin payments

dYdX mobile adds MoonPay fiat deposits via card payments, Apple Pay, and Google Pay

Circle sent $4B on-chain to Coinbase. No bank wire required.

Total stats

How to Earn

DIP token double-transfer bug lets attacker drain $111K USDC from PancakeSwap pool

More on $USDC

Kraken brings Solana DEX trading to its main app, letting users access thousands of onchain tokens via USD and USDC while planning support for more networks

Ready users report USDC card cutoffs outside EEA after issuer switch gives one-hour warning

Zama, Morpho, and Steakhouse launch Ethereum’s first confidential DeFi yield vault, enabling institutions to earn on encrypted USDC without revealing positions

Despite the rise of Stablecoin payment applications, P2P remains dominant as users prioritize better exchange rates over convenience in stablecoin payments

dYdX mobile adds MoonPay fiat deposits via card payments, Apple Pay, and Google Pay

Circle sent $4B on-chain to Coinbase. No bank wire required.

Kraken brings Solana DEX trading to its main app, letting users access thousands of onchain tokens via USD and USDC while planning support for more networks

Ready users report USDC card cutoffs outside EEA after issuer switch gives one-hour warning

Zama, Morpho, and Steakhouse launch Ethereum’s first confidential DeFi yield vault, enabling institutions to earn on encrypted USDC without revealing positions

Despite the rise of Stablecoin payment applications, P2P remains dominant as users prioritize better exchange rates over convenience in stablecoin payments

dYdX mobile adds MoonPay fiat deposits via card payments, Apple Pay, and Google Pay

Circle sent $4B on-chain to Coinbase. No bank wire required.

Comments

Total stats

How to Earn