MBU Exploit on BNB Chain: $2.15M Loss Analysis
On May 11, 2025, the Mobius Token (MBU) project on BNB Chain suffered an exploit that drained roughly $2.15 million. This analysis walks through the mechanics of the attack, identifies the root cause, and outlines key security takeaways.
Incident Overview
Date: May 11, 2025
Platform: Binance Smart Chain (BSC)
Attacker Address: 0x3026c464d3bd6ef0ced0d49e80f171b58176ce32
Affected Contract (Proxy): 0x95e92b09b89cf31fa9f1eca4109a85f88eb08531
Implementation Contract (at time of attack): 0x637d8ce897bb653cb83ba436cdf76bbe158f05b1
Attack Transaction: 0x2a65254b41b42f39331a0bcc9f893518d6b106e80d9a476b8ca3816325f4a150
Exploit Mechanics
An attacker was able to drain the pool by exploiting a decimal-handling bug in the protocol’s deposit() logic. By depositing only 0.001 BNB, they minted an excessively large number of MBU tokens and immediately swapped them for USDT.
Let's examine the deposit function in the Implementation Contract. Because the contract is unverified, we need to analyze its decompiled code.
When deposit() runs, the code at 0x371b is called first. Its job is to convert the amount of BNB a user sends into an amount of USDT. While doing that, it already applies the usual 18-decimal “scale” twice (10^36).
The code repeatedly uses the value returned by the helper function at 0x371b to calculate the MBU amount based on the token price, but the extra 18-decimal scaling added by that helper is never removed.
As a result, the amount forwarded to mint(v4) remains 10^18 times larger than it should be, causing the function to mint far more tokens than intended.
The attacker then swapped these enormous minted amounts for approximately $2.15M USDT.
Root Cause Determination
The vulnerability originates in the function at 0x371b. In that routine, the code multiplies by the decimal factor twice, so the amount of BNB supplied is converted to an overly large USDT value. Downstream calculations then mint an excessive number of MBU tokens, allowing the attacker to drain the pool.
Lessons Learned
This incident highlights the critical importance of precise on-chain arithmetic and rigorous safeguards:
Single-Scaling Rule: Apply decimal scaling exactly once to every incoming amount and keep all downstream math in that unified unit.
Invariant & Fuzz Testing: Automate invariant and fuzz tests that fail whenever a conversion inflates value beyond a tight tolerance, catching double-scaling bugs early.
Audited Math Libraries: Rely on well-reviewed, type-safe math libraries instead of ad-hoc helper functions for all fixed-point calculations.
By enforcing disciplined arithmetic practices and automated testing, DeFi projects can prevent similar over-mint exploits.
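The single-scaling rule and the invariant test from the lessons above, modeled as an added example in Python integer arithmetic (not the decompiled contract code). The function names, the price constants and the tolerance are assumptions made for illustration.

```python
import random

WAD = 10**18                 # 18-decimal fixed-point unit
BNB_PRICE = 600 * WAD        # constructed sample price, USDT per BNB
MBU_PRICE = 2 * WAD          # constructed sample price, USDT per MBU

def bnb_to_usdt_buggy(bnb_wei, bnb_price_wad):
    # Models the defect described above: wei (1e18) times a WAD-scaled
    # price (1e18) is returned at 1e36 scale, never divided back down.
    return bnb_wei * bnb_price_wad

def bnb_to_usdt_fixed(bnb_wei, bnb_price_wad):
    # Single scaling: 1e18 * 1e18 / 1e18 keeps the result in 1e18 units.
    return bnb_wei * bnb_price_wad // WAD

def mint_amount(usdt_value_wad, mbu_price_wad):
    # MBU to mint (1e18 units) for a USDT value at a WAD-scaled MBU price.
    return usdt_value_wad * WAD // mbu_price_wad

def check_value_invariant(convert, bnb_price_wad=BNB_PRICE,
                          mbu_price_wad=MBU_PRICE, runs=500,
                          tolerance_bps=1, seed=1):
    """Fuzz deposit sizes. Return (bnb_wei, deposited, minted_value) for the
    first deposit whose minted value exceeds the deposited value by more
    than tolerance_bps basis points, or None if the invariant holds."""
    rng = random.Random(seed)
    for _ in range(runs):
        bnb_wei = rng.randint(10**12, 10**21)
        # Reference value of the deposit, computed independently in the test.
        deposited = bnb_wei * bnb_price_wad // WAD
        minted = mint_amount(convert(bnb_wei, bnb_price_wad), mbu_price_wad)
        minted_value = minted * mbu_price_wad // WAD
        limit = deposited + deposited * tolerance_bps // 10_000
        if minted_value > limit:
            return bnb_wei, deposited, minted_value
    return None

if __name__ == "__main__":
    print("fixed helper :", check_value_invariant(bnb_to_usdt_fixed))
    print("buggy helper :", check_value_invariant(bnb_to_usdt_buggy))
```

Run against the double-scaled helper, the check fails on the first fuzzed deposit with a minted value 10^18 times the deposited value; the single-scaled helper passes every run.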