ME News reports that on June 17 (UTC+8), according to SlowMist monitoring, the DIP token contract was attacked, resulting in losses of approximately $110,000. The root cause of this attack was a missing return statement in the DIP token’s _transfer() function within a routing branch—when the from or to address of a transaction is the PancakeSwap router contract, the same transfer is executed twice, thereby manipulating the price of the associated liquidity pool. Yu Xian, founder of SlowMist, noted that such vulnerabilities could have been avoided earlier if developers had utilized AI tools during code review. The contract used by the attacker has been verified and is publicly accessible on BscScan. (Source: Foresight News)
DIP Token Contract Hacked, $110,000 Lost Due to Missing Return Statement
KuCoinFlashShare
Summary
The DIP token suffered a $110,000 loss following a contract exploit on June 17 (UTC+8). A missing return statement in the _transfer() function enabled duplicate transactions when interacting with PancakeSwap routers, impacting liquidity in related pools. Yuxin from SlowMist stated that AI tools could have prevented this. The attacker’s contract is now publicly visible on BscScan. Traders are advised to monitor altcoins for similar risks.
Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information.
Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.