Verify a decision

{"actor":"system:backfill","investigation_id":"511f52c7-4e0c-4b51-964e-f2259b62b80b","kind":"publish","page_slug":"atm-token-bnb-chain-exploit","published_at":"2026-06-15T12:32:04.326Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"ATM Token BNB Chain Exploit","sections":[{"content":"On June 4, 2026, an attacker drained approximately $243,500 from the ATM Token protocol on BNB Smart Chain. The exploit was flagged by security monitoring firm TenArmorAlert and subsequently analyzed by CertiK. The attack transaction hash is reported as 0x37b90a337075cd2feea93b12780abe9f953dad476e1c1418a02447aaa6dcfd86. The attacker's address is reported as 0x7e7C1f0D567c0483f85e1d016718E44414CdBAFE, and the ATM token contract address on BNB Smart Chain is 0x4fd0878ee1bbf7b1019138e8eec746e5a5d5a205. The stolen funds were extracted as BSC-USD (the BNB Smart Chain equivalent of USDT). Security sources allege the attacker's address had been linked to previous token contract exploits dating back to 2025, though this claim has not been independently verified at Tier 1 or Tier 2 credibility level.","heading":"The Exploit","severity":"critical","sources":[{"credibility":2,"name":"ATM Token Exploit Drains $243K Through Hidden Swap Loophole — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/04/atm-token-exploit-drains-243k-through-hidden-swap-loophole/"},{"credibility":2,"name":"ATM Token Exploited on BNB Chain: $243,500 Drained via Hidden Swap Loophole — Cryip","type":"news_article","url":"https://cryip.co/atm-token-exploited-on-bnb-chain-243500-drained-via-hidden-swap-loophole/"}]},{"content":"According to CertiK's post-incident analysis, the root cause of the exploit was a non-standard implementation of the ERC-20 transferFrom() function. The ATM Token contract embedded logic within transferFrom() that automatically swapped 20% of every transferred ATM token amount into BSC-USD via a DEX router. This design introduced an unintended economic attack vector: by initiating a transfer, the caller could trigger multiple swap operations within a single transaction, extracting additional value from the contract's liquidity beyond what the transfer approval nominally permitted. The exploit did not rely on flash loans or reentrancy in the classical sense; instead, it abused the unintended compounding economic consequences of the custom swap logic. Security experts note that embedding external DEX calls within core transfer functions significantly expands the attack surface and requires rigorous formal verification — which the ATM Token contract did not receive.","heading":"Technical Vulnerability","severity":"critical","sources":[{"credibility":2,"name":"ATM Token Exploit Drains $243K Through Hidden Swap Loophole — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/04/atm-token-exploit-drains-243k-through-hidden-swap-loophole/"},{"credibility":2,"name":"ATM Token Exploited on BNB Chain: $243,500 Drained via Hidden Swap Loophole — Cryip","type":"news_article","url":"https://cryip.co/atm-token-exploited-on-bnb-chain-243500-drained-via-hidden-swap-loophole/"}]},{"content":"No verified security audit for the ATM Token contract has been identified in publicly available sources. The project has no known official website, whitepaper, or publicly disclosed roadmap as of the date of this investigation. Team identity and organizational structure are unknown. The absence of basic disclosure materials — combined with the deployment of a high-risk custom transfer mechanism without audit — is consistent with patterns observed in low-effort or fraudulent token deployments on BNB Smart Chain. It is not possible on available evidence to distinguish between a negligent development team and a deliberate rug-pull setup; both hypotheses are consistent with the known facts.","heading":"Project Transparency and Audit Status","severity":"high","sources":[{"credibility":2,"name":"ATM Token Exploited on BNB Chain: $243,500 Drained via Hidden Swap Loophole — Cryip","type":"news_article","url":"https://cryip.co/atm-token-exploited-on-bnb-chain-243500-drained-via-hidden-swap-loophole/"}]},{"content":"As of June 5, 2026 — one day after the exploit — the ATM Token project team had issued no official public statement. No announcement was made regarding whether the vulnerable contract logic had been disabled, whether a patch or migration was planned, or whether any recovery effort for affected holders was under consideration. This silence following a confirmed, total-loss exploit is itself treated by security analysts as a warning signal. No regulatory body has filed charges or issued a public notice related to this incident as of the time of this investigation.","heading":"Project Response and Aftermath","severity":"high","sources":[{"credibility":2,"name":"ATM Token Exploit Drains $243K Through Hidden Swap Loophole — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/04/atm-token-exploit-drains-243k-through-hidden-swap-loophole/"},{"credibility":2,"name":"ATM Token Exploited on BNB Chain: $243,500 Drained via Hidden Swap Loophole — Cryip","type":"news_article","url":"https://cryip.co/atm-token-exploited-on-bnb-chain-243500-drained-via-hidden-swap-loophole/"}]},{"content":"The ATM Token exploit is part of a documented pattern of small-cap token exploits on BNB Smart Chain in mid-2026. Adjacent incidents reported in the same week include the BY Token exploit ($88,400 drained on June 5, 2026) and the SKP Liquidity exploit ($212,000 drained on May 27, 2026). The BNB Smart Chain's permissionless token deployment environment has historically been associated with a disproportionate share of honeypot, rug-pull, and flash-loan exploit incidents relative to other chains. Security firms TenArmor and CertiK operate continuous monitoring for anomalous on-chain activity on BSC, and both flagged the ATM incident within hours of the attack.","heading":"Broader BNB Chain Context","severity":"medium","sources":[{"credibility":2,"name":"BY Token Hit by BSC Exploit, $88.4K Vanishes in Suspect Drain — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/05/by-token-hit-by-bsc-exploit-88-4k-vanishes-in-suspect-drain/"},{"credibility":2,"name":"SKP Liquidity Exploit Drains $212K Across BNB Chain DeFi Protocols — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/05/27/skp-liquidity-exploit-drains-212k-across-bnb-chain-defi-protocols/"}]}],"sources_used":[{"credibility":2,"name":"ATM Token Exploit Drains $243K Through Hidden Swap Loophole — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/04/atm-token-exploit-drains-243k-through-hidden-swap-loophole/"},{"credibility":2,"name":"ATM Token Exploited on BNB Chain: $243,500 Drained via Hidden Swap Loophole — Cryip","type":"news_article","url":"https://cryip.co/atm-token-exploited-on-bnb-chain-243500-drained-via-hidden-swap-loophole/"},{"credibility":2,"name":"BY Token Hit by BSC Exploit, $88.4K Vanishes in Suspect Drain — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/05/by-token-hit-by-bsc-exploit-88-4k-vanishes-in-suspect-drain/"},{"credibility":2,"name":"SKP Liquidity Exploit Drains $212K Across BNB Chain DeFi Protocols — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/05/27/skp-liquidity-exploit-drains-212k-across-bnb-chain-defi-protocols/"}],"summary":"ATM Token is an obscure BEP-20 token deployed on BNB Smart Chain that suffered a confirmed exploit on June 4, 2026, resulting in approximately $243,500 in losses. The attack was made possible by a flawed custom transferFrom() function that automatically swapped 20% of each token transfer into BSC-USD, which an attacker abused repeatedly within a single transaction. The project has no verified security audit, no public whitepaper or website, and issued no statement following the incident.","timeline":[{"date":"2026-06-04","event":"ATM Token contract on BNB Smart Chain exploited via flawed transferFrom() auto-swap mechanism; approximately $243,500 drained in BSC-USD by attacker address 0x7e7C1f0D567c0483f85e1d016718E44414CdBAFE.","source":"CryptoTimes / Cryip","source_url":"https://www.cryptotimes.io/2026/06/04/atm-token-exploit-drains-243k-through-hidden-swap-loophole/"},{"date":"2026-06-04","event":"TenArmorAlert and CertiK security firms flag the exploit and publish technical analysis identifying the transferFrom() auto-swap flaw as the root cause.","source":"CryptoTimes","source_url":"https://www.cryptotimes.io/2026/06/04/atm-token-exploit-drains-243k-through-hidden-swap-loophole/"},{"date":"2026-06-05","event":"ATM Token project team has issued no public statement; contract status and liquidity situation remain unaddressed.","source":"Cryip","source_url":"https://cryip.co/atm-token-exploited-on-bnb-chain-243500-drained-via-hidden-swap-loophole/"}]},"v":1}