Wednesday, July 8, 2026
No Result
View All Result
Coins League
  • Home
  • Bitcoin
  • Crypto Updates
    • Crypto Updates
    • Altcoin
    • Ethereum
    • Crypto Exchanges
  • Blockchain
  • NFT
  • DeFi
  • Metaverse
  • Web3
  • Scam Alert
  • Regulations
  • Analysis
Marketcap
  • Home
  • Bitcoin
  • Crypto Updates
    • Crypto Updates
    • Altcoin
    • Ethereum
    • Crypto Exchanges
  • Blockchain
  • NFT
  • DeFi
  • Metaverse
  • Web3
  • Scam Alert
  • Regulations
  • Analysis
No Result
View All Result
Coins League
No Result
View All Result

A Single Missing Line of Code Drained $111,000 From the DIP Token

June 17, 2026
in Bitcoin
Reading Time: 3 mins read
0 0
A A
0
Home Bitcoin
Share on FacebookShare on TwitterShare on E Mail


Key Takeaways

Slowmist mentioned a lacking return assertion in DIP token’s code drained about $111,098 in USDC.The flaw doubled transfers by way of Pancakeswap, including to 2,150-plus incidents logged by Slowmist this yr.DeFi has misplaced over $1 billion to exploits in 2026, protecting audit demand excessive heading into H2.

A Switch That Ran Twice

Slowmist flagged the incident in a menace intelligence alert, pinning the loss at 111,097.6 USDC. The agency mentioned the DIP token’s “_transfer()” operate was lacking a “return” assertion within the department that handles trades routed by means of the Pancakeswap router (an providing that decentralized exchanges use to swap tokens towards liquidity swimming pools). The workforce additional added:

“The attacker exploited this by calling `skim(router)` to set off double DIP transfers, then `sync()` to set the DIP reserve to an especially low worth, manipulating the AMM worth to empty the pool.”

Regardless of an in depth breakdown, Slowmist didn’t identify the attacker or say whether or not the stolen funds may very well be recovered anytime quickly.

The mechanics of your entire operation appear to be fairly mundane, given decentralized exchanges equivalent to Pancakeswap depend on automated router contracts to maneuver tokens between merchants and liquidity swimming pools. A token is free so as to add customized logic to its personal switch operate, however when that logic mishandles router interactions, the door opens to repeated, unintended payouts.

Within the DIP case, the lacking “return” meant code that ought to have stopped after one switch as a substitute fell by means of and executed a second time. Every commerce that touched the router successfully paid out twice, quietly bleeding USDC from the pool.

The bug wanted no flash mortgage, oracle trick, or stolen key to work (solely a niche within the token’s personal code). Such router-aware and fee-on-transfer tokens are frequent on Binance-linked chains, the place tasks typically bolt further conduct onto customary token templates. Every added department is one other place for a mistake to cover, and automatic swaps can set off that mistake 1000’s of instances earlier than anybody notices.

A part of a Pricey 2026 for DeFi

The DIP loss is small subsequent to the yr’s headline breaches, but it surely suits a gentle drumbeat of code-level failures. Slowmist’s public hack database alone has logged greater than 2,150 incidents and about $37.8 billion in cumulative losses. In current days, the tracker recorded a $105,000 loss at Thetanuts Finance and a $2.1 million Aztec Join exploit.

Much more particularly, one can see that sensible contract bugs have pushed a lot of the yr’s injury, with DeFi protocols having misplaced greater than $1 billion to hacks and exploits (as of final month). Slowmist itself traced the Aztec Join drain to a deprecated contract and pinned a $174,570 Grok-Bankr theft on a man-made intelligence (AI) agent that was tricked into approving a switch.

Lastly, Bitcoin.com Information reported earlier within the yr that Zetachain paused its mainnet after Slowmist recognized a lacking entry management in its GatewayZEVM contract, one other case of a single logic hole handing attackers a gap.

With no restoration confirmed and the attacker nonetheless unidentified, the DIP episode bolsters a recurring lesson the place a single lacking line will be sufficient to empty a pool, and unbiased audits stay the principle line of protection as DeFi losses climb.



Source link

Tags: CodeDipDrainedlinemissingsingletoken
Previous Post

Three Top Takeaways from the HSBC, Google Cloud Partnership

Next Post

Pump.fun Activity Craters 80% in Three Months, Dragging Solana Fees Lower as Traders Rotate Into Perps

Related Posts

Crypto News Today (July 8): BTC Drops Back to $62K, Coinbase Premium Hits Record Lows, and the EU is Eyeing Even Tighter Crypto Regulation
Bitcoin

Crypto News Today (July 8): BTC Drops Back to $62K, Coinbase Premium Hits Record Lows, and the EU is Eyeing Even Tighter Crypto Regulation

July 8, 2026
Polymarket Turns On Instant Bitcoin Deposits Via Lightning Network, Powered By Spark
Bitcoin

Polymarket Turns On Instant Bitcoin Deposits Via Lightning Network, Powered By Spark

July 8, 2026
LeBron James Leaves Lakers as Prediction Markets Wager Millions on His Next NBA Home
Bitcoin

LeBron James Leaves Lakers as Prediction Markets Wager Millions on His Next NBA Home

July 7, 2026
Wall Street Swallowed Bitcoin: But Satoshi Left a $80Bn Trojan Horse Wallet
Bitcoin

Wall Street Swallowed Bitcoin: But Satoshi Left a $80Bn Trojan Horse Wallet

July 7, 2026
Bitcoin Suisse Advances Middle East Expansion, Receives Financial Services Permission in Abu Dhabi
Bitcoin

Bitcoin Suisse Advances Middle East Expansion, Receives Financial Services Permission in Abu Dhabi

July 7, 2026
Payward Europe EMI License Highlights Kraken’s Regulated Fiat-Rail Expansion
Bitcoin

Payward Europe EMI License Highlights Kraken’s Regulated Fiat-Rail Expansion

July 7, 2026
Next Post
Pump.fun Activity Craters 80% in Three Months, Dragging Solana Fees Lower as Traders Rotate Into Perps

Pump.fun Activity Craters 80% in Three Months, Dragging Solana Fees Lower as Traders Rotate Into Perps

Pump.fun Activity Craters 80% in Three Months, Dragging Solana Fees Lower as Traders Rotate Into Perps

Pump.fun Activity Craters 80% in Three Months, Dragging Solana Fees Lower as Traders Rotate Into Perps

Binance Targets EU Regulatory License As MiCA Deadline Puts Exchanges Under Pressure

Binance Targets EU Regulatory License As MiCA Deadline Puts Exchanges Under Pressure

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Twitter Instagram LinkedIn RSS Telegram
Coins League

Find the latest Bitcoin, Ethereum, blockchain, crypto, Business, Fintech News, interviews, and price analysis at Coins League

CATEGORIES

  • Altcoin
  • Analysis
  • Bitcoin
  • Blockchain
  • Crypto Exchanges
  • Crypto Updates
  • DeFi
  • Ethereum
  • Metaverse
  • NFT
  • Regulations
  • Scam Alert
  • Uncategorized
  • Web3

SITEMAP

  • Disclaimer
  • Privacy Policy
  • DMCA
  • Cookie Privacy Policy
  • Terms and Conditions
  • Contact us

Copyright © 2023 Coins League.
Coins League is not responsible for the content of external sites.

No Result
View All Result
  • Home
  • Bitcoin
  • Crypto Updates
    • Crypto Updates
    • Altcoin
    • Ethereum
    • Crypto Exchanges
  • Blockchain
  • NFT
  • DeFi
  • Metaverse
  • Web3
  • Scam Alert
  • Regulations
  • Analysis

Copyright © 2023 Coins League.
Coins League is not responsible for the content of external sites.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In