Cybersecurity vendor CetriK unveiled how BNB42 team managed to steal $2.8 million from users
Another day, another rug pull. However, this time result looks fairly predictable: BNB42 teased jaw-dropping rewards for all investors in a Ponzi-like style.
BNB42 protocol rug pulled: Here’s how
According to the official announcement by CertiK, a top-tier cybersecurity auditor, BNB42, a BSC-based yield farming protocol was rug-pulled on Feb. 15, 2022.
The owner of the contract deployed an UNVERIFIED contract, in which there is a function `withdraw()` to only allow the owner to withdraw the entire total BNB (eth.balance(this.address) wei) to owner’s address. pic.twitter.com/f0S1urDPvM
— CertiK Security Leaderboard (@CertiKCommunity) February 15, 2022
The owner of BNB42’s main contract deployed another unaudited contract to withdraw all funds. As such, the ownership of BNB42’s yield farming engine was changed in a number of clicks: the new contract became the only one that was able to withdraw users’ liquidity.
Then, the malefactor (0x9b74FDe50F3FcD3A02FaFEA6A187092630D6EB8f) rugged a total of 6,445 Binance Coins (BNB) and started sending it to eight different BSC addresses.
Finally, these addresses moved all funds to Tornado Cash mixing service.
200% rewards in 10 days: What was BNB42?
Today, Feb. 16, 2022, all social media accounts and the main website of BNB42 have been taken down. The team is not available for comment while the BNB42 page is being removed from trackers.
However, according to the few remaining data, BNB42 was a blatant scam from the very beginning. Its team used to offer unbelievable rewards in short periods:
BNB42 is a 100% decentralized investment platform that operates on the Binance Smart Chain. Get 20% daily, 200% after 10 days!
BNB42 accepted Binance Coins (BNB) as an investment instrument; 0.01 BNB was the minimum deposit. This Ponzi scheme was aggressively promoted by small-size crypto influencers.