Binance Smart Chain DeFi protocol Pancake Bunny has been exploited via a flash-loan attack, in what the community initially believed to be a record-setting $1 billion loss. The price of the protocol’s BUNNY token dropped to virtually zero in the attack, now sitting at a 95% drawdown.

Despite the rumors circulating that the attacker made off with $1 billion worth of tokens, it appears that the mechanics of the exploit were confused for the actual proceeds of the attack. Sources calculate the real losses to be around just $50 million. None of the vaults on the platform were compromised.

On the other hand, about $110 million worth of value has vanished from the BUNNY token’s market cap, leaving a big hole in the pockets of investors.

How it happened

According to the Pancake Bunny team, the attacker used the popular PancakeSwap platform to borrow a large amount of BNB tokens in a flash loan. They then manipulated the prices of USDT/BNB and BUNNY/BNB markets in order to obtain a larger-than-normal amount of BUNNY tokens, which were then dumped onto the market and tanked the price.

To add insult to injury, the attacker topped off the attack by leaving a rabbit-related pun as a note on the transaction that read “Aren’t Flashloans Earitating”.

The complete details of the attack can be found on BscScan.

Pancake Bunny Response

The Pancake Bunny team has temporarily disabled deposits into the protocol and has stated that they are working on a reimbursement plan for affected users. An official post-mortem report will also be released soon.

About Pancake Bunny

Pancake Bunny is a DeFi yield farming aggregator and optimizer on Binance Smart Chain (BSC). It enables users to maximize their interest earning on their crypto assets through yield optimization strategies, focused on prominent BSC tokens.