An underlying logical flaw in the AI Data Credit (AIDC) token smart contract has allowed a malicious actor to manipulate an on-chain liquidity pool and extract roughly $121,000 worth of Wrapped BNB (WBNB). The incident occurred on the BNB Chain, targeting a localized PancakeSwap automated market maker (AMM) deployment, according to real-time data released by blockchain security firm SlowMist.
The attack specifically targeted an error embedded inside the token’s native asset-burning mechanism. This structural oversight allowed the attacker to distort the liquidity pool’s asset ratios and withdraw virtually all of its WBNB backing. SlowMist verified that the vulnerability existed entirely within the token’s custom codebase rather than indicating any structural exploit or security breach within PancakeSwap’s core protocol.
On-chain analysis revealed that the exploit stemmed from a flaw in AIDC’s _sellTransfer() function. The function recorded a 30% burn amount without actually deducting those tokens from the seller’s balance. When another transfer later triggered _executeAccumulatedBurn(), the contract mistakenly burned tokens from the PancakeSwap liquidity pool instead of the seller.
Mathematical exploitation of pool reserves
By systematically deleting AIDC tokens directly from the liquidity pool’s custody while leaving the corresponding WBNB pool balances untouched, the exploit fundamentally warped the automated constant-product formula ($x \times y = k$) governing the AMM.
This mathematical distortion caused the spot price of the remaining AIDC tokens inside the pool to skyrocket artificially. The attacker repeatedly triggered this internal imbalance, accumulating cheap tokens and selling them back into the skewed pool at the inflated rate.
Through this iterative logic exploit, the hacker drained exactly 220.12 WBNB, equivalent to roughly $121,000, before fleeing the ecosystem. SlowMist’s forensic analysis successfully mapped the attacker’s primary wallet addresses alongside the specific unverified smart contract deployment responsible for the systemic failure.
Automated multi-wallet evasion
Blockchain security firm TenArmorAlert also flagged the exploit after detecting suspicious activity involving the AIDC token on BNB Chain, estimating losses at about $121,100. On-chain records show the attacker used an automated series of transactions to move AIDC tokens through multiple newly created wallets before interacting with PancakeSwap’s liquidity pool.
Data from BscScan indicates that the entire drainage event was tightly packaged, involving more than 180 individual BEP-20 token transfers sequenced seamlessly within a single, atomic transaction block. The automated network of addresses repeatedly funneled tokens back into the liquidity structure, forcing automated balance recalibrations.
Once the WBNB reserves were successfully extracted, the attacker routed the stolen capital through several secondary transit addresses before consolidating the full 220 WBNB bounty back into an initial funding wallet.
Smart contract risks continue rising
The latest AIDC attack adds to a growing list of exploits on the BNB Chain linked to flaws in token smart contracts. Earlier this month, attackers stole about $88,400 from the BY token project after exploiting suspicious contract behavior. In a separate incident, the LML staking protocol lost roughly $950,000 in a flash-loan attack that manipulated liquidity pool pricing.
On June 20, another exploit drained nearly $1.1 million from the OLPC/LABUBU liquidity pool on PancakeSwap V2. Blockchain investigators later debated whether that incident was caused by an external attacker or an intentional flaw built into the token contract.
Security researchers emphasize that these incidents prove the critical necessity of rigorous manual audits for custom token variables, such as dynamic transaction fees and automated deflationary burn mechanics, before exposing them to public DEX routing.
For retail market participants, the sudden collapse of the AIDC pool serves as an explicit reminder that newly deployed micro-cap tokens utilizing convoluted, unverified code logic represent some of the highest risk environments in decentralized finance.
Also Read: Cardano’s SecondFi Hack: EMURGO Sets 2-Week Timeline to Return Stolen ADA
