XSD(Uniswap v2 fork project) router has functionality that burns XSD token of XSD/ETH pair.
Hacker was able to manipulate pair state using this functionality. Also, he leveraged reentrance to reduce pair balance dramatically.
After that, he was able to drain all ETH in XSD/ETH pair. This project was attacked on several chains, total loss is $45k.
Leave a Reply