BYToken Hack

TOTAL LOST $87K
Low Flash Loan Attack

Affected Chain 2026 Incident surface
Recovered - No recovery reported
All-Time Rank #1546 By amount stolen
Protocol Type Exploit/Flash Loan Attack Target category

Incident Overview

On June 4, 2026, the BYToken contract on the BNB Chain was exploited for approximately $87,400 (146.6 BNB) via a flash-loan price manipulation attack.

The attack capitalized on an unprivileged, public function named triggerAutoBurn() inside the BYToken contract. The exploiter initiated the attack by securing a massive flash loan of roughly 422,000 WBNB from Moolah (Lista DAO). Using a portion of these funds, they executed initial swaps to set up the pool conditions, then called the public triggerAutoBurn() function.

This function was designed to reduce token supply but lacked proper caller access controls, allowing the attacker to force a massive burn of ~67.8 quadrillion BY tokens directly from the BY/WBNB PancakeSwap pair. Following the burn, the contract triggered a pool sync(), which recalculated the token reserves down to a near-zero level while keeping the WBNB amount high. This extreme imbalance massively skewed the token price formula ($x \cdot y = k$).

The attacker exploited this artificial premium by selling a minimal amount of BY back into the pool, draining the remaining WBNB liquidity before repaying the flash loan.
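
The burn-then-sync effect described above can be checked with a small constant-product model. This is an added example, not BYToken's code (its source is unverified). The reserves, the 0.25% swap fee and all function names are constructed assumptions.

```python
# Added example: constant-product pair model. All values are constructed.
FEE_NUM, FEE_DEN = 9975, 10000  # assumed 0.25% swap fee (PancakeSwap V2 style)
WEI = 10**18

class Pair:
    """Tracks real token balances and the cached reserves used for pricing."""
    def __init__(self, by_balance, wbnb_balance):
        self.by_balance, self.wbnb_balance = by_balance, wbnb_balance
        self.sync()

    def sync(self):
        # sync() overwrites cached reserves with whatever the pair now holds.
        self.reserve_by, self.reserve_wbnb = self.by_balance, self.wbnb_balance

    def k(self):
        return self.reserve_by * self.reserve_wbnb

    def quote_sell_by(self, amount_in):
        # WBNB received for selling amount_in BY at the cached reserves.
        a = amount_in * FEE_NUM
        return a * self.reserve_wbnb // (self.reserve_by * FEE_DEN + a)

def burn_from_pair_and_sync(pair, amount):
    """Models a token-side burn that debits the pair's BY balance, then sync()."""
    if amount >= pair.by_balance:
        raise ValueError("burn would empty the pair")
    pair.by_balance -= amount
    pair.sync()

def audit_burn_impact(by_reserve, wbnb_reserve, burn, sell):
    """Return (quote_before, quote_after, k_before, k_after) for one sell size."""
    pair = Pair(by_reserve, wbnb_reserve)
    quote_before, k_before = pair.quote_sell_by(sell), pair.k()
    burn_from_pair_and_sync(pair, burn)
    return quote_before, pair.quote_sell_by(sell), k_before, pair.k()

def violates_k_invariant(k_before, k_after):
    # Swaps never lower k; a drop with no LP withdrawal means reserves
    # were changed outside the pair's own pricing path.
    return k_after < k_before

if __name__ == "__main__":
    # Constructed pool: 1,000,000 BY against 150 WBNB; burn 999,999 BY.
    before, after, k0, k1 = audit_burn_impact(
        1_000_000 * WEI, 150 * WEI, 999_999 * WEI, 1_000 * WEI)
    print(f"1,000 BY sells for {before / WEI:.4f} WBNB before the burn")
    print(f"1,000 BY sells for {after / WEI:.4f} WBNB after burn + sync")
    print("k invariant violated:", violates_k_invariant(k0, k1))
```

An auditor can run the same comparison in a fork test: if any call reachable by an unprivileged address lowers the pair's k without an LP withdrawal, the token's burn path needs access control or must not touch the pair's balance.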

Exploit tx: https://bscscan.com/tx/0xe31c681e…980979

Incident Report

Protocol / Project: BYToken
Date of Incident
Attack Technique: Flash Loan Attack
Classification: Token
Primary Source: View Post-Mortem

Protocol Information

Protocol Type: Exploit/Flash Loan Attack
Team: Anonymous
Source Code: Unverified

What the Attacker Needed to Succeed

Understanding the prerequisites for this type of attack helps auditors identify protocols that are most at risk and helps developers build better defenses.

Technical Knowledge: Deep understanding of flash loan attacks, Solidity, and EVM internals
Capital Required: Flash loan capital (borrowed atomically, zero upfront cost)
On-Chain Access: Ability to interact with smart contracts and deploy a custom exploit contract
Protocol Analysis: Identification of the exploitable vulnerability in BYToken's contract logic - root cause: token
Execution Speed: Precise transaction ordering and timing to exploit the vulnerability within a single atomic block
Obfuscation Plan: A strategy to launder and move stolen funds - typically through mixers, cross-chain bridges, or decentralized DEX swaps to resist tracing

What Auditors Should Check

Could this have been caught in audit? Yes — skilled auditors routinely flag Flash Loan Attack vulnerabilities in code review

If you're auditing a protocol with similar architecture to BYToken, these are the critical security checks that could have prevented this incident (June 2026).

  • Verify all logic paths related to Flash Loan Attack are guarded by proper access controls and input validation
  • Review privileged functions (owner, admin, governance) for potential abuse vectors - centralization risks should be documented and bounded with timelocks or multi-sigs