Home Web3 SecurityCrypto Hacks & Exploits $RES Token Exploit – Oct 6, 2022 – Detailed Analysis

$RES Token Exploit – Oct 6, 2022 – Detailed Analysis

by ImmuneBytes
$RES Token Exploit – Oct 6, 2022 – Detailed Analysis

On October 6th, 2022, the $RES Token on the Binance Smart Chain suffered a flash loan attack, leading to a theft of roughly $290,000.

The attacker exploited a vulnerability in the thisAtoB function of the token’s smart contract, manipulated the pool price, and profited by swapping tokens.

This incident caused a severe 97% depreciation in the token’s value and emphasized the ever-present risks in the DeFi ecosystem, highlighting the urgency for enhanced security measures and continuous auditing.

Executive Summary:

On October 6th, 2022, the $RES Token, a BEP20 token on the Binance Smart Chain (BSC), was subjected to a flash loan attack. This exploitation led to the theft of approximately $290,000.

Overview of $RES Token

$RES is a digital currency developed on the Binance Smart Chain platform, adhering to the BEP-20 standard. It participates in the growing DeFi ecosystem, enabling various financial transactions on the blockchain.

Flash Loan Attacks: A Primer

Flash loan attacks exploit the fundamental feature of smart contracts, wherein an attacker can borrow vast sums without collateral. They then leverage this to distort a crypto asset’s price on one platform, selling it off rapidly on another, typically for a profit.

Source of Vulnerability

The primary point of exploitation was discovered in the thisAtoB function embedded in the contract. This specific function facilitated the conversion of $RES tokens into $ALL tokens, following the RES-BSCUSD-ALL route.

The Attack Mechanics

  • The hacker began by transferring 0.5 BNB from an external source to their personal wallet.
  • Exploits thisAToB function to internally call the _thisAToB function in order to convert $RES tokens to $ALL tokens.
  • Executes flash loan attacks along with several swaps subsequently to accumulate $ALL tokens. These $ALL tokens were then incinerated using the thisAToB() function.
  • This token burn escalates the reserve ratio of the pair. The attacker then proceeds to swap $ALL tokens for USDT, bagging a profit close to $209,203.
  • The hacker repeats the aforementioned steps a number of times to further pocket $81,268, cumulatively stealing around $290,000.

Amount Stolen & Impact on Token Price

Following the attack, the $RES token’s valuation plummeted sharply, witnessing a 97% decline. From an initial price point of $0.23, it dwindled to a mere $0.0060.

Addresses and Transactions Involved

Attacker’s Address:

Contract Deployed for Attack:

Targeted ($RES) Contract:



Status of Stolen Funds

Post-theft, the attacker cleverly swapped the ill-gotten assets into diverse tokens like BUSD and BNB. Subsequently, all these funds were transferred to a new contract, viewable at: https://bscscan.com/address/0x5f330ba134051d247a6700babed73b587b75b21b

Preventative Measures

The surge in flash loan attack incidents within the DeFi ecosystem has prompted the development of robust countermeasures. Two prevailing solutions include:

Decentralized Pricing Oracles: This approach decentralizes the process of fetching and verifying external data, reducing the chance of price manipulation.

DeFi Security Firms: These firms audit, verify, and monitor smart contracts for any anomalies or vulnerabilities that can be exploited, ensuring safer DeFi interactions.


The flash loan attack on the $RES Token serves as a testament to the evolving threat landscape in the DeFi space. It underscores the need for rigorous security measures, continuous auditing, and a proactive approach to safeguard assets and maintain investor confidence.

You may also like