A vulnerability in the DIP token contract was exploited, causing losses of about $110,000, according to SlowMist monitoring. According to Foresight News, the root cause was a missing return statement in the DIP token’s _transfer() function within a routing branch.
SlowMist said that when a transaction’s from or to address was the PancakeSwap router contract, the same transfer could be executed twice, enabling manipulation of prices in the related liquidity pool.
SlowMist founder Yu Xian said this type of flaw could have been avoided earlier if developers had used AI tools during the code review stage. He added that the attacker’s contract has been open-sourced and verified on BscScan for public review.
DIP Token Contract Exploited After Transfer Function Bug, SlowMist Says
2026-06-17 04:07:40
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
