Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bscgemsmartcontractinflationfunctionexploited.php}} {{Unattributed Sources}} Binance Smart ChainThe BSCGem smart contract on the Binance Smart Chain appears to have been exploited for $17.3k due to a vulnerability in the inflation function of the contract. No further details could be located to suggest that the protocol had issued a public statement or..."

2025-01-10T22:28:36Z

Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bscgemsmartcontractinflationfunctionexploited.php}} {{Unattributed Sources}} thumb|Binance Smart ChainThe BSCGem smart contract on the Binance Smart Chain appears to have been exploited for $17.3k due to a vulnerability in the inflation function of the contract. No further details could be located to suggest that the protocol had issued a public statement or..."

New page

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bscgemsmartcontractinflationfunctionexploited.php}}
{{Unattributed Sources}}

[[File:Binancesecurity.jpg|thumb|Binance Smart Chain]]The BSCGem smart contract on the Binance Smart Chain appears to have been exploited for $17.3k due to a vulnerability in the inflation function of the contract. No further details could be located to suggest that the protocol had issued a public statement or was working to compensate affected users.<ref name="slowmistteamtwitter-17116" /><ref name="bscscan-17117" /><ref name="tenarmoralerttwitter-17118" /><ref name="bscscan-17119" />

== About BSCGem ==
BSCGem is a smart contract on BSC. No further details could be determined.

== The Reality ==
This sections is included if a case involved deception or information that was unknown at the time. Examples include:

* When the service was actually started (if different than the "official story").
* Who actually ran a service and their own personal history.
* How the service was structured behind the scenes. (For example, there was no "trading bot".)
* Details of what audits reported and how vulnerabilities were missed during auditing.

== What Happened ==
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
{| class="wikitable"
|+Key Event Timeline - BSCGem Smart Contract Inflation Function Exploited
!Date
!Event
!Description
|-
|November 20th, 2024 7:07:35 AM MST
|Original Attack Transaction
|The original attack/exploit transaction happens on the Binance Smart Chain.
|-
|November 20th, 2024 8:22:00 AM MST
|TenArmorSecurity Tweet
|TenArmorSecurity posts an update on Twitter highlighting the attack, and including details of the transaction and exploit mechanism.
|-
|November 20th, 2024 8:54:00 AM MST
|SlowMist Posts Tweet
|SlowMist posts a tweet reporting that they detected suspicious activity in connection with the BSCGem smart contract.
|}

== Technical Details ==
"The root cause appears to be the interest mechanism within the token's transfer function. The attacker inflated the _interestAmount by repeatedly buying and selling tokens, ultimately extracting a significant amount of interest from the BSCGem contract, which they then sold for profit."

== Total Amount Lost ==
"resulting in an approximately loss of $17.3K."

The total amount lost has been estimated at $17,000 USD.

== Immediate Reactions ==
"Our system has detected that #BSCGem on #BSC was attacked, resulting in an approximately loss of $17.3K."

"According to monitoring by the SlowMist Security Team, the BSCGem (BSCGem) on BSC is suspected to have been attacked, resulting in a loss of approximately $17.3K."

"We detected potential suspicious activity related to the interest function of $BSCGem (0x256B37c4000E2a327E4d3B10AeE244EA5d4A3668)."

== Ultimate Outcome ==
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

== Total Amount Recovered ==
There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

== Ongoing Developments ==
What parts of this case are still remaining to be concluded?
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="slowmistteamtwitter-17116">[https://twitter.com/SlowMist_Team/status/1859263969812443559 @SlowMist_Team Twitter] (Accessed Jan 10, 2025)</ref>

<ref name="bscscan-17117">[https://bscscan.com/address/0x256B37c4000E2a327E4d3B10AeE244EA5d4A3668 BSCGem | Address 0x256B37c4000E2a327E4d3B10AeE244EA5d4A3668 | BscScan] (Accessed Jan 10, 2025)</ref>

<ref name="tenarmoralerttwitter-17118">[https://twitter.com/TenArmorAlert/status/1859256130414981525 @TenArmorAlert Twitter] (Accessed Jan 10, 2025)</ref>

<ref name="bscscan-17119">[https://bscscan.com/tx/0x24f15810c37bbc94e95c49449f5570b21aea92fead1a1842570ff40c0844a498 BNB Smart Chain Transaction Hash (Txhash) Details | BscScan] (Accessed Jan 10, 2025)</ref></references>

BSCGem Smart Contract Inflation Function Exploited - Revision history