A staking protocol on the Binance Smart Chain (BSC) has suffered a major exploit. The attack targeted the LML/$USDT pool and caused losses of about $950,000. Security firm BlockSec detected the issue through its Phalcon monitoring system.
ALERT! Our system detected a suspicious exploit targeting an unknown contract, reportedly the LML/$USDT staking protocol, on #BSC hours ago, resulting in an estimated loss of ~$950K.
While the victim contract is not open-source, our analysis suggests a likely pricing-design… pic.twitter.com/OaTK43MviV
— BlockSec Phalcon (@Phalcon_xyz) April 1, 2026
Early findings suggest the attacker used a price manipulation trick to drain rewards from the BSC’s LML protocol. The incident adds to a growing list of similar attacks in DeFi. It also raises fresh concerns about how some protocols handle pricing and rewards.
How the Attack Worked?
The attacker followed a clear plan. First, they pushed up the price of the LML token. They did this by making large swaps in the liquidity pool. This created a temporary spike in price. Next, they used multiple wallets that had already deposited funds in the BSC’s LML protocol. These wallets were under the attacker’s control.
Then, they claimed staking rewards while the price was still high. Since rewards were based on this inflated price, the payout was much larger than normal. Finally, the attacker sold the tokens at a higher price. This completed the cycle and locked in profit. In simple terms, the attacker created a fake price, claimed rewards based on it and then cashed out.
The Key Weakness in the LML Protocol
The main issue came from how the BSC’s LML protocol calculated rewards. It used one type of price for rewards and another for actual trades. More specifically, rewards were based on a snapshot or average price. But the attacker sold LML tokens using the real-time market price. This mismatch created an opportunity. The attacker could inflate the live price and still claim rewards based on outdated calculations.
Because of this gap, the system failed to protect itself. It allowed the attacker to use both pricing methods at once. Experts believe better security features may have prevented this. Such as using stronger price oracles or stricter checks could reduce such risks.
Why These Attacks Keep Happening?
Price manipulation attacks are not new in DeFi. They often happen when protocols rely on weak pricing systems. Many platforms still depend on liquidity pool prices. These can be easily influenced with large trades or flash loans.
Without proper protections, attackers can repeat similar strategies again and again. In fact, several such exploits have been reported in recent months. This shows a bigger problem in the space. While DeFi keeps growing. The security design often struggles to keep up.
What This Means for Users and Builders?
For users, this is a reminder to stay cautious. High rewards can sometimes come with hidden risks. For developers, the message is even clearer. Strong pricing systems are not optional. They are essential. Projects need to use better tools, such as time-based pricing and secure oracles. They must also test their systems under extreme conditions.
In the end, this BSC’s LML protocol attack is not just about one protocol. It reflects a wider challenge in DeFi. As the space grows, so does the need for stronger and smarter security.