Attack transaction

0xe15d6f7fa891c2626819209edf2d5ded6948310eaada067b400062aa022ce718

GFA Incident

Profitable contract call to the exploit was made

Attacker gained $14,685.85

Transaction Details

Network	bsc
Attacker Address	0x0740100ad48d22bc648901520a313b46557f8ada
Exploit Address	0xbf65cadb3f637e87271a4d9a62f03a634a61a19c
Victim Address	0x875ac38bc56e2c6fbeda4354ac085cb94d0d2d2f
Funding Source	tornado
Funds Lost	$14,685.85
Block	37857764
Timestamp	14 Apr 2024 16:50:08 +00:00 (a year ago)

Attack Steps

Funding
9 Apr 2024 3:32:36 +00:00 +1.0 BNB
6 days
Exploit Contract Deployment
14 Apr 2024 16:41:26 +00:00
9 minutes
Attack Transaction
14 Apr 2024 16:50:08 +00:00 +$14,685.85

Exploit Analysis

Flashloans	No events	No tx history	console.log	SELFDESTRUCT	CREATE2

Functions
fallback()

Events
No events found

Address	Found In
0xbf65cadb3f637e87271a4d9a62f03a634a61a19c	storage
0x55d398326f99059ff775485246999027b3197955 (BEP20USDT)	storage
0x10ed43c718714eb63d5aa57b78b54704e256024e (PancakeRouter)	storage
0x0740100ad48d22bc648901520a313b46557f8ada	storage
0xca143ce32fe78f1f7019d7d551a6402fc5350c73 (PancakeFactory)	storage

External Call	To
getPair(address,address)	0xca143ce32fe78f1f7019d7d551a6402fc5350c73 (PancakeFactory)
swapExactTokensForTokensSupportingFeeOnTransferTokens(uint256,uint256,address[],address,uint256)	0x10ed43c718714eb63d5aa57b78b54704e256024e (PancakeRouter)
balanceOf(address)	0x55d398326f99059ff775485246999027b3197955 (BEP20USDT)
approve(address,uint256)
transfer(address,uint256)
0x4b5c4277	0x000000000000000000636f6e736f6c652e6c6f67
0x5f7938f1
0x7f1b60c1
0x3890ec92