BlockSec: The BSC chain MT token purchase limit mechanism has a flaw, allowing hackers to arbitrage approximately $242,000

According to BlockSec monitoring, its system detected a suspicious transaction targeting the MT-WBNB liquidity pool on BSC, with an estimated loss of approximately $242,000. The reason lies in a flaw in the buyer restriction mechanism: under deflationary mode, normal buying operations are reverted, while the router/trading pair is whitelisted, allowing attackers to bypass restrictions through router swaps and liquidity removal to obtain MT from the trading pair.

The attacker then sold MT to accumulate pendingBurnAmount and called distributeFees() to directly destroy MT from the trading pair, artificially inflating the price, and then exchanged MT back to WBNB for profit. Additionally, a recommendation rule allowing the transfer of the first 0.2 MT to bypass buyer restrictions enabled the attacker to initiate the attack.