Skip to main content
Sign in
BSC TMM/USDT1 decision on this page

Audit log

Every state-changing event for BSC TMM/USDT: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-26 18:37:00Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,339,815
    sig
    653rHarxiJ94…faehLVdTexplorer ↗
    hash
    BPCdNCMNqiqL…297ow7wfsha256 → base58
    verifying row…full verify ↗
    canonical bytes (4397 B) ▸
    {"actor":"system:backfill","investigation_id":"5f480e69-b133-4d57-928d-8600861f0cbc","kind":"publish","page_slug":"bsc-tmmusdt","published_at":"2026-05-26T18:37:00.703Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"BSC TMM/USDT","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-tmm-hack-april-2026","type":"other","url":""},{"credibility":3,"name":"https://phemex.com/news/article/bsc-network-hit-by-tmmusdt-reserve-manipulation-attack-1665-million-lost-71016","type":"other","url":""},{"credibility":3,"name":"https://x.com/exvulsec/status/2040649377803546859","type":"other","url":""},{"credibility":3,"name":"https://hacked.slowmist.io/?c=BSC&page=1","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-tmm-hack-april-2026","type":"other","url":""},{"credibility":3,"name":"https://bscscan.com/token/0x1d6f03b0b20b2ec05b37bf60f56af442ced66666","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://x.com/exvulsec/status/2040649377803546859","type":"other","url":""},{"credibility":3,"name":"https://bscscan.com/token/0x1d6f03b0b20b2ec05b37bf60f56af442ced66666","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-tmm-hack-april-2026","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://github.com/tmm-token","type":"other","url":""},{"credibility":3,"name":"https://bscscan.com/token/0x1d6f03b0b20b2ec05b37bf60f56af442ced66666","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-tmm-hack-april-2026","type":"other","url":""},{"credibility":3,"name":"https://bscscan.com/token/0x1d6f03b0b20b2ec05b37bf60f56af442ced66666","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-april-2026","type":"other","url":""},{"credibility":3,"name":"https://hacked.slowmist.io/?c=BSC&page=1","type":"other","url":""},{"credibility":3,"name":"https://bscscan.com/token/0x1d6f03b0b20b2ec05b37bf60f56af442ced66666","type":"other","url":""},{"credibility":3,"name":"https://phemex.com/news/article/bsc-network-hit-by-tmmusdt-reserve-manipulation-attack-1665-million-lost-71016","type":"other","url":""}]}],"sources_used":[],"summary":"BSC TMM/USDT is a Binance Smart Chain token pair that was exploited on April 4, 2026, via a flash loan-based reserve manipulation attack, resulting in an estimated loss of $1.665 million USDT. The attacker burned TMM tokens to a dead address to artificially skew pool reserves, then extracted USDT through a Constant Product Market Maker (CPMM) pricing imbalance. The TMM token contract lacked reserve synchronization on burn operations and had no verified third-party security audit on file.","timeline":[{"date":"2021-02-01","event":"TMM Group token reportedly launched on BSC, targeting DeFi and multi-utility use cases in Asian and African markets.","source":""},{"date":"2026-04-04","event":"Reserve manipulation attack executed against BSC TMM/USDT pool. Attacker burns TMM to dead address, reducing pool reserves to 1 TMM, then swaps 850 million TMM for ~272 million USDT via flash loans from five DeFi protocols. Net profit of $1,665,255 USDT extracted.","source":""},{"date":"2026-04-05","event":"ExVul security account posts alert on X identifying attacker contract (0x1c5e8d3501bbcae900e14d8720774d9ff6ec7203), target token address, and profit recipient wallet. Phemex publishes news article on the attack.","source":""},{"date":"2026-04-05","event":"SlowMist logs the TMM BSC exploit in its hacked database with a $1,665,000 loss figure.","source":""},{"date":"2026-04-01","event":"Halborn publishes detailed post-mortem: 'Explained: The TMM Hack (April 2026)', confirming root cause as missing reserve sync on burn operations.","source":""},{"date":"2026-04-30","event":"Halborn includes TMM in its 'Month in Review: Top DeFi Hacks of April 2026' roundup, listing it among the month's significant losses.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 94786cf4-9d84-439c-b07e-4fa65268cf44
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.