Flash Loan Attack Causes DeFi Token Bunny to Crash Over 95%

A hacker used PancakeSwap to manipulate the Bunny market and crashed its price to nearly zero.

May 20, 2021 at 10:32 a.m. UTC
Updated Sep 14, 2021 at 12:58 p.m. UTC

Yield-farming aggregator PancakeBunny has suffered a flash loan attack causing the value of its token to crash by more than 95%.

  • The hacker used PancakeSwap to borrow a huge supply of Binance's BNB token and manipulated its price against the Binance USD stablecoin and Bunny tokens, according to tweets by PancakeBunny Thursday.
  • The large amount of Bunny acquired by the hacker was then dumped on the market, causing its price to plummet to $6.17 from around $146, according to data from CoinGecko, equating to a crash of over 95%.
  • The total value drained by the attacker is unclear, though blockchain data suggests the attacker profited by close to $3 million.
  • The attack is the latest in a series of exploits on decentralized finance protocols operating on the Binance Smart Chain. Most recently, bEarn.Fi, a cross-chain farming protocol, suffered an exploit May 16, resulting in the loss of almost $11 million.
  • Neither Binance nor CEO Changpeng “CZ” Zhao had commented on the exploit at press time. Binance was not immediately available for comment when contacted by CoinDesk.

DISCLOSURE

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.