Full Report
Pancake Bunny is a yield farming aggregator and optimizer for Binance Smart Chain (BSC) and Ethereum. The attacker took out a flash loan of BNB and Tether (USDT) before carrying out this attack. First, the attacker minted a large amount of Liquidity Provider (LP) tokens for the pool. The price of BUNNY (the LP token) is based upon the amount of BNB compared to the amount of USDT in the pool. Another description of this attack with more detail is found here.

Then, they swapped a large number of BNB into the pool for USDT. Swapping such a large number of tokens into the pool drastically modified the exchange rate. The pricing of tokens depends on the balance of tokens in the pool. By taking a ton of them out, the pool becomes unbalanced. This makes the BNB token very expensive and USDT very cheap.

Here is the main issue: the number of BUNNY tokens minted is strictly based upon the amount of BNB compared to the amount of USDT in the pool. So, by exchanging their LP tokens, they claim more BUNNY tokens than they should be entitled to. Finally, they repay the flash loan at all of the locations it was taken from by swapping the BUNNY for something else on other exchanges. Wow, flash loans are crazy complicated...

The simple remediation is to require multi-transaction operations. Additionally, using a pricing oracle, such as Chainlink, could have solved this problem as well. The same company was hit by ANOTHER flash loan attack on their Polygon version of this. In this case, the flash loan allowed them to get a crazy performance fee to mint too much BUNNY (again).
Analysis Summary
# Incident Report: PancakeBunny Flash Loan Price Manipulation
## Executive Summary
On May 19, 2021, the PancakeBunny protocol was targeted in a sophisticated flash loan attack that exploited vulnerabilities in the platform's internal price calculation logic. By temporarily inflating the value of the BUNNY token through massive automated trades, the attacker was able to mint an excessive amount of rewards. The incident resulted in the theft of approximately 114,631 WBNB, valued at roughly $45 million at the time of the event.
## Incident Details
- **Discovery Date:** May 19, 2021
- **Incident Date:** May 19, 2021
- **Affected Organization:** PancakeBunny
- **Sector:** Decentralized Finance (DeFi) / Yield Aggregator
- **Geography:** Global / Distributed
## Timeline of Events
### Initial Access
- **Date/Time:** May 19, 2021
- **Vector:** Exploitation of Smart Contract Logic via Flash Loan.
- **Details:** The attacker utilized a flash loan to acquire a massive amount of liquidity (WBNB and USDT) across multiple pools to facilitate market manipulation without needing upfront capital.
### Lateral Movement
- **Step 1:** The attacker minted a large volume of Liquidity Provider (LP) tokens for the USDT/BNB pool.
- **Step 2:** The attacker swapped a massive amount of BNB for USDT, drastically unbalancing the pool and artificially inflating the price of BNB relative to USDT.
- **Step 3:** The protocol’s internal oracle, relying on these spot prices, miscalculated the value of the attacker's LP tokens.
### Data Exfiltration/Impact
- **Detail:** Due to the skewed exchange rate, the attacker claimed a disproportionately high amount of BUNNY tokens during the exchange process.
- **Outcome:** The attacker swapped the freshly minted BUNNY for WBNB on external exchanges and repaid the flash loan.
- **Profit:** 114,631 WBNB remained as proceeds of the exploit.
### Detection & Response
- **Detection:** Rapidly identified via on-chain monitoring as the price of BUNNY crashed and liquidity was drained.
- **Response:** The PancakeBunny team acknowledged the exploit on social media, paused certain protocol functions, and began the process of migrating to more secure pricing models.
## Attack Methodology
- **Initial Access:** Smart Contract interaction (permissionless).
- **Persistence:** Not applicable (Atomic transaction/Flash loan).
- **Privilege Escalation:** Exploitation of minting logic to "unlock" tokens not rightfully earned.
- **Defense Evasion:** Use of flash loans to bypass traditional capital requirements; execution within a single block.
- **Discovery:** On-chain reconnaissance of the `BUNNY` minting arithmetic.
- **Impact:** Market Manipulation and Smart Contract Vulnerability Exploitation.
## Impact Assessment
- **Financial:** Total loss of 114,631 WBNB (approx. $44M–$45M).
- **Data Breach:** None (Public blockchain transaction data only).
- **Operational:** Protocol functionality disruption; BUNNY token price collapsed by over 90%.
- **Reputational:** Significant loss of investor trust; subsequent attacks on Polygon version further damaged brand credibility.
## Indicators of Compromise
- **Network indicators:** Transactions stemming from the Binance Smart Chain (BSC).
- **Behavioral indicators:**
  - Unusually high-volume flash loans in a single block.
  - Massive USDT/BNB price slippage on PancakeSwap.
  - Disproportionate `mint()` calls for the BUNNY token.
## Response Actions
- **Containment:** Temporarily suspended deposits and certain pool interactions.
- **Eradication:** Patched the pricing logic in the smart contracts.
- **Recovery:** Migrated price calculation from internal spot prices to decentralized oracles.
## Lessons Learned
- **Oracle Dependence:** Relying on internal "spot prices" for token valuation is a critical failure point, as spot prices are easily manipulated with high capital (flash loans).
- **Transaction Atomicity:** Flash loans allow attackers to execute complex, multi-step attacks in a single block, making real-time human intervention impossible.
## Recommendations
- **Pricing Oracles:** Implement Time-Weighted Average Price (TWAP) or decentralized oracles like **Chainlink** to determine asset values, rather than relying on current pool balances.
- **Multi-Transaction Operations:** Require specific actions (like minting and claiming) to occur across different blocks to break flash loan atomicity.
- **Slippage Protection:** Implement stricter checks on price movement during large transactions to prevent minting based on "stale" or manipulated data.
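
The pricing and slippage recommendations above, as an added example (not PancakeBunny's code): a constant-product pool with a Uniswap-V2-style cumulative price shows that a large same-block swap moves the spot price but not the TWAP, and a mint guard rejects the skewed spot. The reserves, fee, 1800-second window and 5% threshold are constructed values, and `Pool`, `twap` and `mint_allowed` are hypothetical names.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    """Constant-product pool with a Uniswap-V2-style cumulative price."""
    bnb: float
    usdt: float
    fee: float = 0.0025        # assumed swap fee
    cumulative: float = 0.0    # running sum of spot price * seconds it held
    last_ts: int = 0

    def spot(self) -> float:
        """USDT per BNB read straight from current reserves."""
        return self.usdt / self.bnb

    def sync(self, now: int) -> None:
        """Credit the accumulator with the price that held since last_ts."""
        self.cumulative += self.spot() * (now - self.last_ts)
        self.last_ts = now

    def swap_bnb_in(self, bnb_in: float, now: int) -> float:
        """Sell BNB into the pool; returns USDT paid out."""
        self.sync(now)
        eff = bnb_in * (1 - self.fee)
        usdt_out = self.usdt * eff / (self.bnb + eff)
        self.bnb += bnb_in
        self.usdt -= usdt_out
        return usdt_out

def twap(pool: Pool, start_cum: float, start_ts: int, now: int) -> float:
    """Average price over [start_ts, now] from two accumulator readings."""
    pool.sync(now)
    return (pool.cumulative - start_cum) / (now - start_ts)

def mint_allowed(pool: Pool, reference: float, max_dev: float = 0.05) -> bool:
    """Refuse to value a mint while spot strays from the reference price."""
    return abs(pool.spot() - reference) / reference <= max_dev

def scenario():
    pool = Pool(bnb=10_000.0, usdt=4_000_000.0)     # constructed reserves
    start_cum, start_ts = pool.cumulative, pool.last_ts
    calm = mint_allowed(pool, twap(pool, start_cum, start_ts, 1800))
    pool.swap_bnb_in(40_000.0, now=1800)            # large swap, same block
    ref = twap(pool, start_cum, start_ts, 1800)     # no time elapsed since swap
    return calm, pool.spot(), ref, mint_allowed(pool, ref)

if __name__ == "__main__":
    print(scenario())
```

Because the accumulator only credits a price for the seconds it actually held, a price that exists for zero seconds inside one block contributes nothing to the average, which is why the guard compares spot against it.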