PancakeSwap BCE-USDT Pool Exploited for $679K in Burn Mechanism Attack
The PancakeSwap BCE-USDT liquidity pool on the BNB Smart Chain (BSC) has been exploited, with the attacker draining approximately $679,000 from the pool. Security firm BlockSec Phalcon detected the attack several hours ago and identified a critical flaw in the BCE token’s burn mechanism as the root cause of the exploit.
How the Exploit Unfolded
According to BlockSec Phalcon’s monitoring, the attacker deployed two malicious contracts designed to bypass the token’s buy and sell restrictions. The exploit leveraged a vulnerability in the BCE token’s burn mechanism, allowing the attacker to trigger token burns within the liquidity pool in a controlled manner.
By manipulating the burn function, the attacker was able to distort the pool’s reserve ratios. This manipulation created arbitrage opportunities that the attacker exploited to extract approximately $679,000 worth of value from the BCE-USDT pool. The attack was executed in a single transaction or a series of rapid transactions, a common pattern in DeFi flash loan attacks.
Technical Breakdown: The Burn Mechanism Flaw
Token burn mechanisms are designed to permanently remove tokens from circulation, typically to manage supply or reward holders. However, when a burn function can be triggered by external parties or under conditions that do not properly account for pool reserves, it creates a vulnerability.
In this case, the attacker was able to force the BCE token contract to burn tokens held within the PancakeSwap pool. This reduced the pool’s BCE balance without a corresponding decrease in USDT, throwing the pool’s pricing curve out of alignment. The attacker then swapped USDT for BCE at the manipulated rate, extracting value before the pool could rebalance.
BlockSec Phalcon noted that the attacker used two malicious contracts to execute the exploit—one to interact with the burn mechanism and another to manage the arbitrage swaps. This separation allowed the attacker to bypass standard buy/sell restrictions that might have otherwise prevented the exploit.
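The reserve effect described above can be caught from pool data alone, because a reserve that shrinks on one side with nothing paid in on the other breaks the constant-product invariant that every ordinary pool operation preserves. The following detector is an added example, not code from BlockSec or the BCE project; it assumes reserve snapshots of the kind a PancakeSwap V2-style pair emits in its Sync events, and all sample values are constructed.

```python
from typing import Dict, List, Tuple

# (token_reserve, usdt_reserve) after each pool update, e.g. decoded from the
# pair's Sync(reserve0, reserve1) events. All values below are constructed.
Snapshot = Tuple[int, int]

def classify(prev: Snapshot, curr: Snapshot) -> str:
    """Explain a reserve change using only constant-product pool rules."""
    (t0, q0), (t1, q1) = prev, curr
    dt, dq = t1 - t0, q1 - q0
    if dt == 0 and dq == 0:
        return "no-change"
    if dt >= 0 and dq >= 0:
        return "liquidity-added"      # mint or donation: nothing left the pool
    if dt < 0 and dq < 0:
        return "liquidity-removed"    # an LP withdrawal takes both assets
    # One side fell while the other did not: only a swap does that, and a
    # swap never lowers k = token_reserve * usdt_reserve (fees raise it).
    if t1 * q1 >= t0 * q0:
        return "swap"
    return "invariant-break"          # value left one side with nothing paid in

def scan(snapshots: List[Snapshot]) -> List[Dict]:
    """Return one alert per transition that no pool operation can explain."""
    alerts = []
    for i in range(1, len(snapshots)):
        prev, curr = snapshots[i - 1], snapshots[i]
        if classify(prev, curr) != "invariant-break":
            continue
        alerts.append({
            "index": i,
            "token_lost_pct": 100 * (prev[0] - curr[0]) / prev[0],
            "price_before": prev[1] / prev[0],   # USDT per token
            "price_after": curr[1] / curr[0],
        })
    return alerts

SNAPSHOTS: List[Snapshot] = [     # constructed sample, not on-chain data
    (1_000_000, 500_000),         # initial reserves
    (980_500, 510_000),           # ordinary swap, k grows by the fee
    (1_078_550, 561_000),         # liquidity added on both sides
    (539_275, 561_000),           # token reserve halves, USDT untouched
    (530_000, 571_000),           # ordinary swap at the distorted price
]

if __name__ == "__main__":
    for alert in scan(SNAPSHOTS):
        print(alert)
```

The check needs one snapshot per pool update; if several updates are merged into a single before/after pair, a one-sided loss can be masked by a swap in the same window.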
Response and Recovery
As of the latest update, PancakeSwap has not issued an official statement regarding the exploit. However, the BCE-USDT pool remains active, and liquidity providers are advised to monitor the situation closely. Security researchers recommend that protocols interacting with tokens containing custom burn mechanisms conduct thorough audits to identify similar vulnerabilities.
The exploiter’s address has been tracked by BlockSec, and the stolen funds—approximately $679,000—remain in the attacker’s wallet at the time of writing. It is unclear whether any recovery efforts are underway.
Context: DeFi Exploits Remain a Persistent Threat
The PancakeSwap exploit adds to a growing list of DeFi attacks in 2026. While the total value lost in DeFi exploits has declined compared to previous years, sophisticated attacks targeting tokenomics flaws remain a significant risk. Burn mechanism vulnerabilities, in particular, have been highlighted by security firms as an emerging attack vector.
PancakeSwap, as one of the largest decentralized exchanges on BSC, has been the target of multiple exploits in the past. However, the platform has consistently worked with security researchers to identify vulnerabilities and compensate affected users. It remains to be seen whether the BCE-USDT pool’s liquidity providers will be reimbursed.
Lessons for Liquidity Providers and Projects
This exploit underscores several important considerations for the DeFi ecosystem:
For Liquidity Providers: Pools involving tokens with custom mechanics (such as burns, rebases, or fees) carry additional risk. LPs should be cautious when providing liquidity to pools with complex tokenomics.
For Projects: Tokens with burn mechanisms must ensure that burn functions cannot be triggered by unauthorized parties in ways that impact liquidity pools. Comprehensive audits and ongoing monitoring are essential.
For Security Teams: The attack highlights the importance of real-time monitoring. BlockSec Phalcon’s detection within hours of the exploit demonstrates the value of on-chain surveillance in identifying and tracking malicious activity.
What Happens Next?
Security researchers will continue to analyze the exploit to fully understand the technical details of the burn mechanism vulnerability. The PancakeSwap team may issue a post-mortem report in the coming days, and discussions about potential compensation for affected liquidity providers are likely to follow.
For now, the $679,000 exploit serves as a reminder that even well-established DeFi protocols remain vulnerable to novel attack vectors. As the industry matures, the focus on securing tokenomics and smart contract logic will remain paramount.
Sources: BlockSec Phalcon, PancakeSwap, BSC Scan.