DCF token hacked because of wrong transfer logic.
In “transfer” function, if target address is pancake pair, it exchanges 5% of tokens to USDT and adds liquidity to DCT-USDT pancake pair. This can be used for exploit.
Hacker borrowed a huge amount of USDT and exchanged them to DCF and DCT. After that he transferred some of DCF to pancake pair. Liquidity added and he exchanged DCT to USDT again, gained 600k more USDT. Also, because of unnecessary burn functionality, pancake pair lost almost all DCF tokens.
Developers, be careful when making new transfer logic, it should be audited.
Leave a Reply