QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$84 000 USD
APRIL 2025
GLOBAL
ACB
DESCRIPTION OF EVENTS
ACB is a smart contract on the Binance Smart Chain. It was first launched on March 14th, 2025.
The staking system of ACB had a vulnerability.
The underlying issue lies in the buyMachine function within ACB’s staking contracts, which determines rewards based on the spot price of the ACB token from the ACB/USDT trading pair.
The attacker initially manipulated the ACB token price and executed a staking transaction, resulting in an unusually large reward. According to Blockaid, "[t]he vulnerability allowed the attacker to claim an airdrop multiple times to drain the airdrop machine."
Following this, the attacker repeatedly claimed rewards in subsequent transactions and used the swapTo function to exchange the reward tokens back into ACB, ultimately extracting value from the ACB/USDT pool.
Blockaid reported losses at 60k. SlowMist reported $22,804. TenArmor reports $84.1k.
"According to the SlowMist MistEye security monitoring system, ACB appears to have been attacked on BSC, resulting in a loss of approximately $22,000."
It is unclear who operates the ACB smart contract, and whether anything was done to resolve the issue.
The ACB smart contract appears to continue to operate.
ACB is a smart contract on the Binance Smart Chain, launched on March 14th, 2025, with a vulnerability in its staking system. The flaw stemmed from the buyMachine function, which calculated rewards based on the manipulable spot price of ACB from the ACB/USDT pair. An attacker exploited this by inflating the token price, staking to receive excessive rewards, and repeatedly claiming and swapping them for profit. According to Blockaid, the exploit involved abusing the airdrop mechanism, and reported losses range from $22,804 (SlowMist) to $84,100 (TenArmor). The identity of the contract operators remains unknown, and the contract appears to still be active without a confirmed resolution.
SlowMist - "We detected potential suspicious activity related to $ACB. As always, stay vigilant!" - Twitter/X (May 26)
ACB Smart Contract - BSCScan (May 26)
Transaction Creating ACB Smart Contract - BSCScan (May 26)
Creation of Smart Contract - BSCScan (May 26)
TenArmorAlert - "Our system has detected a suspicious price manipulation attack involving #ACB on #BSC, resulting in an approximately loss of $84.1K." - Twitter/X (May 26)
Exploit Transaction By TenArmor - BSCScan (May 26)
ACB Price - ApeSpace (May 26)
Blockaid - "Our detection system has detected an ongoing exploit on BNB. 60k USD already drained." - Twitter/X (May 26)
https://x.com/TenArmorAlert/status/1915324379757502727 (Aug 5)
