The past 24 hours were quite tumultuous, with one of the largest blockchain networks – BNB Chain – suffering a security breach that saw the millions worth of cryptocurrency being compromised.
And while the process of freezing and recovering the stolen assets is ongoing and the network is back to its normal functioning, someone took the opportunity to pull off another scam.
BNBHACKINU – a token created in a clear reference to both the recent BNB Chain hack and popular dog-themed memecoins – becomes the latest scam that perpetrators pulled off to steal crypto off of innocent people.
Delivering the information was a Twitter user by the name of lorem who detailed how the entire thing went down. According to him, the hacker who was responsible for the BNB Chain exploit, created a token called BNBHACKERINU – just two hours after the initial exploit.
Because of the way the smart contract was coded, he was able to mint an arbitrary number of tokens and add them to the owner’s balance. After that, the perpetrator called three other functions that allow the owner to take the BNBHACKINU tokens out of any holder’s wallet and transfer them to any other wallet.
At this point, I knew this was definitely a rug waiting to happen. The owner was constantly calling these methods and each time the stolen tokens were sent to a brand new wallet with 0 ETH. I only went through a few of the transactions but of the fresh wallets I looked at, there were over 7 million BNBHACKINU tokens across them all.
The owner then proceeded to mint a whopping 1 quadrillion tokens, which immediately destroyed the price. Once rugged, the perpetrators had enough BNBHACKINU tokens to sell for a profit of about 60 ETH.
It’s also worth noting that there’s another token that follows these credentials, and it carries the HACKERSHIBA ticker.
Responding to the thread was ZachXBT, who pointed out that it wasn’t the exploiter (read: BNB Chain hacker) who created the scam token.
The exploiter didn’t create it. It’s literally just someone spoofing to make it look like the exploiter did. Happens after most major exploits. – He said.
Spoofing is a trick that some hackers use to trick unsuspecting users into believing that the “From” address was made by that address. This is made possible by the broader ERC-20 standard design and the transparent data display of the block explorer.