xWin Finance Incident: Root Cause Analysis

Summary

This incident was due to a bug in the internal _swapBNBToTokens() function of the xWinFund contract, which implements price slippage control. However, the slippage-control logic is invalid, so it does not bound the price the swap executes at. The attacker exploited this bug to obtain rewards (303,998.86 xWin tokens) from the contract and then swapped them for BNB. Below we take one of the exploited transactions as an example and elaborate the details.
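To make the class of defect concrete, the following is an added illustration and not the xWinFund code: the actual _swapBNBToTokens() implementation and the precise flaw in its slippage logic are not reproduced on this page, and the interfaces (IRouter, IPriceOracle), the contract name and the 1% bound are assumptions chosen for the example. It contrasts a slippage check that cannot fail, because its minimum is derived from the same pool state the attacker can manipulate in the transaction, with one whose floor comes from a reference price the pool does not control.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example, NOT the xWinFund contract. Interfaces and names are assumptions.
interface IRouter {
    function WETH() external pure returns (address);
    function getAmountsOut(uint256 amountIn, address[] calldata path)
        external view returns (uint256[] memory);
    function swapExactETHForTokens(
        uint256 amountOutMin, address[] calldata path, address to, uint256 deadline
    ) external payable returns (uint256[] memory amounts);
}

// Hypothetical reference price source (e.g. a TWAP or external oracle):
// returns how many token units one BNB is worth, scaled by 1e18.
interface IPriceOracle {
    function tokensPerBNB(address token) external view returns (uint256);
}

contract SlippageControlExample {
    IRouter public immutable router;
    IPriceOracle public immutable oracle;
    uint256 public constant MAX_SLIPPAGE_BPS = 100; // 1%, an assumed bound

    constructor(IRouter _router, IPriceOracle _oracle) {
        router = _router;
        oracle = _oracle;
    }

    // INEFFECTIVE: the minimum is computed from the pool's own spot quote in the
    // same transaction. If the pool has been pushed off-price (flash loan, large
    // sandwich), the quote and therefore amountOutMin move with it, so the
    // require() in the router never rejects the bad fill. Effectively no slippage control.
    function swapBNBToTokensWeak(address token) external payable returns (uint256) {
        address[] memory path = _path(token);
        uint256[] memory quote = router.getAmountsOut(msg.value, path);
        uint256 amountOutMin = quote[1] * (10_000 - MAX_SLIPPAGE_BPS) / 10_000;
        uint256[] memory amounts = router.swapExactETHForTokens{value: msg.value}(
            amountOutMin, path, address(this), block.timestamp
        );
        return amounts[1];
    }

    // HARDENED: the floor is derived from a reference price that the pool being
    // traded against cannot move inside this transaction, and it is enforced in
    // this contract rather than trusted to the router. A manipulated pool then
    // makes the swap revert instead of filling the fund at a distorted price.
    function swapBNBToTokens(address token, uint256 deadline) external payable returns (uint256) {
        require(deadline >= block.timestamp, "expired");
        uint256 refPrice = oracle.tokensPerBNB(token);
        require(refPrice > 0, "no reference price");

        uint256 expectedOut = msg.value * refPrice / 1e18;
        uint256 amountOutMin = expectedOut * (10_000 - MAX_SLIPPAGE_BPS) / 10_000;
        require(amountOutMin > 0, "amountOutMin is zero");

        address[] memory path = _path(token);
        uint256[] memory amounts = router.swapExactETHForTokens{value: msg.value}(
            amountOutMin, path, address(this), deadline
        );
        require(amounts[1] >= amountOutMin, "slippage exceeded");
        return amounts[1];
    }

    function _path(address token) internal view returns (address[] memory path) {
        path = new address[](2);
        path[0] = router.WETH();
        path[1] = token;
    }
}
```

The check a reviewer should apply to any pooled-fund swap is whether amountOutMin can be influenced by the same transaction that performs the swap; if it is read from the pool's spot price, or hard-coded to zero, the control is cosmetic and the fund's other holders absorb the loss of every manipulated fill.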

Details

The Hack Walk-through

The Stolen Funds

The incident resulted in 607,998 xWin tokens being transferred to the attacker as rewards, which were then swapped for BNB. Note that the attacker's funds from the above exploitations were initially held in this wallet: 0xB63F. We are actively monitoring this wallet for any movement.

About Us

PeckShield Inc. is an industry leading blockchain security company with the goal of elevating the security, privacy, and usability of the current blockchain ecosystem. For any business or media inquiries (including the need for smart contract auditing), please contact us at telegram, twitter, or email.
