Attackers exploited a vulnerability in the ATM token’s transfer system on BNB Chain, draining roughly $243,000 from the protocol. The issue stemmed from a built-in feature that automatically converted a portion of transferred ATM tokens into BSC-USD during transactions. By repeatedly triggering this function, the attacker was able to withdraw additional funds from the contract.
CertiK flagged the incident after detecting unusual on-chain activity tied to ATM’s custom transferFrom() function. The security firm said the contract swapped 20% of every transfer into BSC-USD, but a flaw in the implementation allowed the attacker to abuse the mechanism multiple times and extract value from the protocol.
Security firm TenArmorAlert also confirmed the attack and estimated losses at roughly $243,500. Investors now await details on whether the vulnerable logic has been disabled and whether the project can prevent similar attacks from happening again.
Custom transfer features become the weak point
The ATM token exploit stemmed from a flaw in the project’s transfer mechanism rather than market conditions or liquidity pressures. Security researchers said the vulnerability allowed an attacker to abuse a built-in swap feature and siphon roughly $243,000 from the protocol.
The vulnerability centered on custom code embedded within ATM’s transfer process. While standard token transfers simply move assets between wallets, ATM’s contract also executed an automatic token swap during transactions. Consequently, the attacker repeatedly triggered that function and extracted additional value from the protocol.
The incident shows a big problem for token developers. Many projects have treasury management, liquidity support, rewards, and tax stuff built right into the tokens. This can help automate things and boost growth, but it can also create big issues if devs don’t plan for all transaction possibilities. So these features, while helpful, can be unpredictable too.
Similar DeFi exploits continue to surface
The ATM exploit adds to a growing list of smart contract failures that have hit the crypto sector this year. Recently, on-chain analyst Specter reported an attack on TesseraDAO, a project operating on BNB Chain. The attacker allegedly minted 99 million TSR tokens and quickly sold them, triggering a sharp collapse in the token’s value.
Specter described the incident in a post on X: “A project on BNB Chain, Tessera Dao, has been exploited. The attacker minted 99M $TSR and dumped the tokens for $2.4M. As a result, $TSR plunged 99%.”
The researcher also said the attacker moved the proceeds through Tornado Cash, a cryptocurrency mixing service often used to obscure transaction trails.
Moreover, the latest incident echoes vulnerabilities discovered in earlier projects. One notable example involved Redacted Cartel’s wxBTRFLY token, where developers uncovered a flaw in a custom transfer function before attackers could exploit it on a large scale. The team later patched the issue and awarded a bug bounty worth roughly $560,000 to the researcher who identified the weakness.
CertiK warns of growing stablecoin threats
Alongside its findings on the ATM incident, CertiK recently published its Skynet 2026 Stablecoin Threat Intelligence Report, which highlights growing risks across decentralized finance and stablecoin infrastructure.
According to the report, bridge-related attacks have already caused more than $328 million in losses this year. Moreover, wallet compromises have overtaken smart contract vulnerabilities as the leading cause of major DeFi losses, signaling a shift in how attackers target crypto projects.
The report also examined the rapid growth of A7A5, a Russian-ruble-backed stablecoin that processed more than $110 billion in on-chain transactions within a year of launch. CertiK said the token now accounts for roughly 43% of the global non-U.S. dollar stablecoin market. However, its expansion continued despite sanctions imposed by the United States, the United Kingdom, and the European Union.
Also Read: £5M Crypto Gift Scandal: U.K PM Starmer Puts Nigel Farage on the Spot
