Autoshark Performance Fee Minting Incident Analysis

A copycat hack targeted at a copycat platform

The Exploit

As a result, the hacker took out 2.2K WBNB.

Check out the Transaction Details on BscScan.

How?

  1. Deposited a small sum into the SHARK-BNB Vault (with this transaction).
  2. Borrowed 100K BNB as a flash loan from PancakeSwap.
  3. Swapped 50K BNB into SHARK tokens and sent them, along with the remaining 50K BNB, to the SharkMinter contract. (This is important! It is the key step that leads to the hack.)
  4. Called getReward using the SHARK-BNB Vault deposit from the first step.
  5. With the huge amount of SHARK tokens and WBNB in the wallet balance of the minter contract (sent by the hacker at step 3), the contract computed an extremely large profit (see the detailed analysis below). As a result, the system minted 100M SHARK as a reward to the hacker (plus 15M for Dev and 20M for Referrer).
  6. Sold the SHARK tokens for 102K WBNB, repaid the flash loan, and took out 2.2K WBNB.

Why?

SharkMinter uses its entire wallet balance to make BNBSHARK LP and then uses that amount, sharkBnbLpAmount, to calculate the profit. This value can be easily tampered with by simply sending tokens to the minter contract.

The 50K BNB and 50K BNB worth of SHARK tokens sent to the contract's wallet at step 3 made the contract believe the profit was extremely high.

The result: 100M SHARK (plus 15M for Dev and 20M for Referrer) minted and dumped.
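
The accounting flaw described above, as an added Python model that is not SharkMinter's own code: it compares reading the whole wallet balance as profit with counting only what arrived during the call. The class, method names, the fee of 2 BNB and the mint rate are constructed assumptions, and SHARK holdings are expressed in BNB value to keep the arithmetic simple.

```python
from dataclasses import dataclass

MINT_RATE = 1_000  # constructed: SHARK minted per 1 BNB of LP value


@dataclass
class Minter:
    """Toy minter; balances are in BNB value and can be raised by anyone."""
    wbnb: int = 0   # WBNB held at the minter address
    shark: int = 0  # SHARK held, expressed as its BNB value

    def donate(self, wbnb: int, shark: int) -> None:
        # A plain token transfer: no minter function runs, nothing is recorded.
        self.wbnb += wbnb
        self.shark += shark

    def _receive_fee(self, fee: int) -> None:
        # The vault hands over the performance fee, half in each asset.
        self.wbnb += fee // 2
        self.shark += fee - fee // 2

    def mint_vulnerable(self, fee: int) -> int:
        self._receive_fee(fee)
        # Flaw: the whole wallet balance is turned into LP and read as profit.
        lp_value = self.wbnb + self.shark
        self.wbnb = self.shark = 0
        return lp_value * MINT_RATE

    def mint_hardened(self, fee: int) -> int:
        before = self.wbnb + self.shark
        self._receive_fee(fee)
        received = self.wbnb + self.shark - before
        # Only the amount that arrived in this call counts as profit;
        # unsolicited balance stays where it is and earns no reward.
        self.wbnb -= received // 2
        self.shark -= received - received // 2
        return received * MINT_RATE


def reward(hardened: bool, donated_each: int, fee: int = 2) -> int:
    """Reward minted when `donated_each` BNB value of each asset was sent first."""
    m = Minter()
    m.donate(donated_each, donated_each)
    return m.mint_hardened(fee) if hardened else m.mint_vulnerable(fee)


if __name__ == "__main__":
    print("no donation, balance-based:", reward(False, 0))
    print("donation, balance-based:   ", reward(False, 50_000))
    print("donation, delta-based:     ", reward(True, 50_000))
```

In the delta-based variant the unsolicited balance remains at the minter address, so a non-zero balance there outside of a reward call is itself a signal worth alerting on.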

About Us

Donation: 0x227d72Ec9f332292523f64032DD25111676404aA

Pug against Rug