April 25, 2022

Beosin’s Analysis of the Wiener Doge Flash Loan Attack

On April 25, 2022, according to Beosin EagleEye, the Wiener Doge token suffered a flash loan attack. Although the amount involved is small, Beosin decided to share the analysis because the exploitation flow is a typical one. The findings are shown below.



Relevant Information

Transaction hash:


0x4f2005e3815c15d1a9abd8588dd1464769a00414a6b7adcbfd75a5331d378e1d


Hacker address:


0x962f8b446de3e524cf99042149ebecc0130bcdbf


Profited address:


0x46ba8a59f4863bd20a066fd985b163235425b5f9



Exploitation Flow


The hacker took a flash loan of 2,900 BNB, swapped out 5,974,259,851,654 WDOGE tokens from the WDOGE/BNB trading pair, and then transferred 4,979,446,261,701 tokens back into the pair.


The hacker then called the skim function to withdraw the excess WDOGE tokens from the pair again. Because the token is deflationary, 199,177,850,468 tokens were burned at the same time, during the transfer from the pair to the attack address.


At this point the k-value of the pair had been destroyed, and the hacker used the remaining WDOGE tokens to swap out 2,978 BNB from the pair, then transferred the 78 BNB profit to the profited address.




Fund Tracing

As of this writing, the 78 BNB of profit remains at the address 0x46ba8a59f4863bd20a066fd985b163235425b5f9.



Summary

In response to this incident, the Beosin security team recommends:


In this attack, the hacker exploited the deflationary nature of the token: the pair burned a portion of its own tokens during the skim, which corrupted the k-value calculation. It is recommended that deflationary tokens include a fee exclusion for trading pairs when interacting with them.
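
The skim step and the recommended fee exclusion, as an added Python model that is not Beosin's or the token's code. It assumes a Uniswap V2-style `skim()` and a token that debits the 4% burn from the sender on top of the amount sent; the pair reserve and the starting balance are constructed values.

```python
BURN_BPS = 400  # 4%: 199,177,850,468 burned / 4,979,446,261,701 transferred (article figures)

class DeflationaryToken:
    """Assumed fee model: the burn is debited from the sender on top of the amount sent."""
    def __init__(self, fee_exempt=()):
        self.balances = {}
        self.fee_exempt = set(fee_exempt)

    def transfer(self, sender, recipient, amount):
        exempt = sender in self.fee_exempt or recipient in self.fee_exempt
        burn = 0 if exempt else amount * BURN_BPS // 10_000
        if self.balances.get(sender, 0) < amount + burn:
            raise ValueError("insufficient balance")
        self.balances[sender] -= amount + burn
        self.balances[recipient] = self.balances.get(recipient, 0) + amount
        return burn

class Pair:
    """Only the bookkeeping that matters here: a cached reserve and skim()."""
    NAME = "pair"

    def __init__(self, token, reserve):
        self.token, self.reserve = token, reserve
        token.balances[self.NAME] = reserve

    def skim(self, to):
        # Sends out everything above the cached reserve (Uniswap V2-style behaviour).
        excess = self.token.balances[self.NAME] - self.reserve
        return self.token.transfer(self.NAME, to, excess)

    def shortfall(self):
        # > 0 means the real balance no longer backs the reserve used for pricing.
        return self.reserve - self.token.balances[self.NAME]

def shortfall_after_skim(pair_fee_exempt, reserve=1_000_000_000_000, sent=4_979_446_261_701):
    token = DeflationaryToken(fee_exempt={Pair.NAME} if pair_fee_exempt else ())
    pair = Pair(token, reserve)          # reserve is a constructed value
    token.balances["user"] = sent * 2    # constructed starting balance
    token.transfer("user", Pair.NAME, sent)
    pair.skim("user")
    return pair.shortfall()

if __name__ == "__main__":
    print("no exclusion  :", shortfall_after_skim(False))
    print("pair excluded :", shortfall_after_skim(True))
```

A non-zero shortfall after `skim()` is the condition an audit or test suite should flag: the pair's token balance has dropped below the reserve its pricing is based on.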

