X Player Hit with $717K Attack Similar to PGNLZ
The wave of exploits in the cryptocurrency world continues, and this time the victim is the X Player project. According to a report from CertiK Alert, the monitoring system detected a vulnerability in the contract's token burning mechanism, which an attacker used to steal approximately $717,000. The attack occurred on the BNB Chain blockchain, and the perpetrator gained access to funds through manipulation of liquidity pools.
Details of the incident reveal that the attacker exploited the DynamicBurnPool function, whose access was restricted to four addresses (owner, staking, node share, and marketing). However, due to an implementation error, the function allowed the token pair to be updated and synchronized, leading to a fund drain. In the provided code, a require condition with a msg.sender check is visible, but as analysts note, this created multiple failure points, allowing the entire LP pool to be drained. The attack transaction is recorded on CertiK Skylens:
This exploit bears striking similarities to the recent PGNLZ hack on BNB Chain, where the attacker used a "burn pair" vulnerability, executing double reverse transactions and stealing about $100,000. In the PGNLZ case, the attacker first drained tokens and then manipulated the PGNLP price, extracting USDT from the liquidity pool. CertiK analysts note that the X Player attacker shows similarities to the PGNLZ exploiter, which may indicate the same hacker or a similar methodology.
Additional community analyses, such as from Wesley Wang and n0b0dy, point to the use of flash loans for price manipulation in a single transaction, leading to larger losses, up to $964,600 USDT by some estimates. Critics highlight access control issues: four potential failure points in a function that can drain the pool is a "wild" mistake. This underscores the need for thorough smart contract audits, especially in DeFi projects.
In the broader market context, such incidents remind us of the risks in the BNB Chain ecosystem, where similar "burn pair" vulnerabilities have already been exploited. CertiK advises developers to use external oracles and strengthen checks to avoid similar attacks in the future. For investors: always verify contracts and avoid suspicious transactions.
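The article says a privileged burn on the pair followed by a sync was enough to drain the pool. The added example below (not X Player's contract code) models that operation on a constant-product pool so a reviewer can measure its price impact and see what a per-call cap changes. The reserves are constructed, and the 0.25% fee, the 1% cap and all function names are assumptions.

```python
from dataclasses import dataclass
from fractions import Fraction

FEE = Fraction(25, 10_000)   # assumed 0.25% swap fee
MAX_BURN_BPS = 100           # hypothetical cap: 1% of the pair balance per call

@dataclass(frozen=True)
class Pool:
    token: Fraction   # project-token reserve held by the pair
    quote: Fraction   # quote-asset reserve (e.g. USDT)

    def price(self) -> Fraction:
        return self.quote / self.token

    def quote_out(self, token_in) -> Fraction:
        """Quote asset paid for selling token_in under x*y=k with a fee."""
        eff = Fraction(token_in) * (1 - FEE)
        return self.quote * eff / (self.token + eff)

def burn_and_sync(pool: Pool, amount) -> Pool:
    """Unguarded model: tokens leave the pair, sync() accepts the new balance."""
    amount = Fraction(amount)
    if not 0 < amount < pool.token:
        raise ValueError("burn must be positive and below the reserve")
    return Pool(pool.token - amount, pool.quote)

def guarded_burn_and_sync(pool: Pool, amount) -> Pool:
    """Same operation with a per-call cap, so one caller cannot reprice the pool."""
    if Fraction(amount) * 10_000 > pool.token * MAX_BURN_BPS:
        raise PermissionError("burn exceeds per-call cap")
    return burn_and_sync(pool, amount)

def impact(pool: Pool, burn, probe_sell) -> dict:
    """Price multiple and payout for a fixed-size sell, before and after the burn."""
    after = burn_and_sync(pool, burn)
    return {
        "price_multiple": after.price() / pool.price(),
        "payout_before": pool.quote_out(probe_sell),
        "payout_after": after.quote_out(probe_sell),
    }

# Constructed reserves, not the X Player pool's real figures.
SAMPLE = Pool(Fraction(1_000_000), Fraction(500_000))

if __name__ == "__main__":
    for key, value in impact(SAMPLE, 900_000, 10_000).items():
        print(key, float(value))
```

With these sample reserves, burning 90% of the pair's token balance multiplies the spot price by ten, which is why any address allowed to call such a function is a single point of failure for the whole pool.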