Attack transaction

0x1d0af3a963682748493f21bf9e955ce3a950bee5817401bf2486db7a0af104b4

BurnsDeFi Incident

Profitable contract call to the exploit was made

Attacker gained $64,264.70

Transaction Details

Network	bsc
Attacker Address	0xc9fbcf3eb24385491f73bbf691b13a6f8be7c339
Exploit Address	0xb5eebf73448e22ce6a556f848360057f6aadd4e7
Victim Address	0x
Funding Source	tornado
Funds Lost	$64,264.70
Block	35858190
Timestamp	5 Feb 2024 3:02:08 +00:00 (2 years ago)

Attack Steps

Funding
5 Feb 2024 1:56:38 +00:00 +1.0 BNB
3 minutes
Transfer To Intermediate Address
5 Feb 2024 1:53:26 +00:00 +1.0 BNB
a minute
Exploit Contract Deployment
5 Feb 2024 1:54:47 +00:00
an hour
Attack Transaction
5 Feb 2024 3:02:08 +00:00 +$64,264.70

Exploit Analysis

Flashloans	No events	No tx history	console.log	SELFDESTRUCT	CREATE2

Functions
supportsInterface(bytes4)
getRoleAdmin(bytes32)
grantRole(bytes32,address)
renounceRole(bytes32,address)
hasRole(bytes32,address)
DEFAULT_ADMIN_ROLE()
revokeRole(bytes32,address)

Events
RoleGranted(bytes32,address,address)
RoleRevoked(bytes32,address,address)

Address	Found In
0xc9fbcf3eb24385491f73bbf691b13a6f8be7c339	storage
0x55d398326f99059ff775485246999027b3197955	storage
0x10ed43c718714eb63d5aa57b78b54704e256024e	storage
0x16b9a82891338f9ba80e2d6970fdda79d1eb0dae	storage
0xbb4cdb9cbd36b01bd1cbaebf2de08d9173bc095c	storage

External Call	To
balanceOf(address)	0x55d398326f99059ff775485246999027b3197955
token1()
token0()
flashLoan(uint256,uint256,address,bytes)
swap(uint256,uint256,address,bytes)
getAmountOut(uint256,uint256,uint256)
getReserves()