A Well-Designed "Self-Detonation": Analysis of the PGNLZ Attack Incident

marsbitPublished on 2026-01-28Last updated on 2026-01-28

Abstract

On January 27, 2026, an attacker executed a well-orchestrated exploit against the PGNLZ token on BNB Smart Chain, resulting in approximately $100k in losses. The attacker initiated a flash loan of 1,059 BTCB from Moolah Protocol, used it as collateral on Venus Protocol to borrow 30 million USDT, and then exchanged 23,337,952 USDT for 982,506 PGNLZ on PancakeSwap. These PGNLZ tokens were intentionally burned (sent to a dead address), drastically reducing the liquidity pool supply. This manipulation caused the price of PGNLZ to surge from approximately $0.10 to over $5,528 per token. The attacker then invoked a fee-on-transfer function, triggering a built-in burn mechanism (_executeBurnFromLP) that further depleted the pool, leaving only a minuscule amount of PGNLZ and artificially inflating the price to an extreme 40 billion times its original value. Finally, the attacker drained the liquidity pool, repaid the flash loan, and netted a significant profit. The root cause was identified as a flawed deflationary economic model with insufficient validation during fee processing and LP burns, allowing price manipulation. The incident underscores the importance of rigorous economic model design and multi-audit practices before contract deployment.

Background Introduction

On January 27, 2026, we monitored an attack on the PGNLZ project on the BNB Smart Chain:

https://bscscan.com/tx/0xa7488ff4d6a85bf19994748837713c710650378383530ae709aec628023cd7cc

After detailed analysis, the attacker continuously launched attacks against the PGNLZ project on January 27, 2026, resulting in a loss of approximately 100k USD.

Attack and Incident Analysis

The attacker first borrowed 1,059 BTCB via a flash loan from Moolah Protocol,

Subsequently, they collateralized the 1,059 BTCB on Venus Protocol to borrow 30,000,000 USDT.

Next, the attacker called the function `swapTokensForExactTokens` on PancakeSwap, using 23,337,952 USDT to exchange for 982,506 PGNLZ, but then burned these PGNLZ (sent them to 0xdead).

Before the swap, the PancakeSwap Pool contained 100,901 USDT and 982,506 PGNLZ, making the price of PGNLZ 1 PGNLZ = 0.1 USDT. After the swap, the PancakeSwap Pool had 23,438,853 USDT and 4,240 PGNLZ remaining, making the price of PGNLZ 1 PGNLZ = 5,528 USDT.

Subsequently, the attacker called the function `swapExactTokensForTokensSupportingFeeOnTransferTokens`. This function primarily supports Fee-On-Transfer Tokens, i.e., tokens that incur fees on transactions. PGNLZ uses `_update` to handle transaction fees. The specific call chain is: transferFrom -> _spendAllowance -> _transfer -> _update

Since this was a sell, `_handleSellTax` was called.

Let's look at how `_executeBurnFromLP` is implemented.

It can be seen that `_executeBurnFromLP` uses `_update` to burn the quantity of PGNLZ specified by `pendingBurnFromLP`. In the previous block, `pendingBurnFromLP` was queried as 4,240,113,074,578,781,194,669.

After the burn, the LP Pool was left with only 0.00000001 PGNLZ, making the price 1 PGNLZ = 234,385,300,000,000 USDT, a 40 Billion-fold increase.

Finally, the attacker drained the LP Pool, repaid the flash loan, and profited 100k USDT.

Summary

The cause of this vulnerability was the deflationary economic model, which lacked validation during fee deductions or LP Pool burns. This allowed the attacker to manipulate the token's price using its deflationary characteristics. It is recommended that project teams conduct thorough multi-party validation when designing economic models and code execution logic. Before contract deployment, opt for cross-audits from multiple auditing firms during the audit phase.

Related Questions

QWhat was the total financial loss caused by the attack on the PGNLZ project?

AThe attack resulted in a loss of approximately 100,000 USD.

QHow did the attacker manipulate the price of PGNLZ token during the attack?

AThe attacker first swapped a large amount of USDT for PGNLZ and burned the tokens, drastically reducing the supply in the liquidity pool. This caused the price of PGNLZ to skyrocket by 40 billion times, from 0.1 USDT to 234,385,300,000,000 USDT per token.

QWhich function did the attacker exploit to handle the fee-on-transfer mechanism during the sell operation?

AThe attacker exploited the function swapExactTokensForTokensSupportingFeeOnTransferTokens, which triggered the _handleSellTax function and subsequently _executeBurnFromLP to burn a massive amount of PGNLZ tokens from the liquidity pool.

QWhat was the root cause of the vulnerability in the PGNLZ project?

AThe vulnerability was caused by a deflationary economic model that lacked proper checks when deducting fees or burning tokens from the pool, allowing the attacker to manipulate the token's price through supply reduction.

QWhich protocols did the attacker use to obtain the initial funds for the attack?

AThe attacker used a flash loan from Moolah Protocol to borrow 1,059 BTCB, which was then collateralized on Venus Protocol to borrow 30,000,000 USDT.

Related Reads

Trading

Spot
Futures

Hot Articles

How to Buy WELL

Welcome to HTX.com! We've made purchasing Moonwell Artemis (WELL) simple and convenient. Follow our step-by-step guide to embark on your crypto journey.Step 1: Create Your HTX AccountUse your email or phone number to sign up for a free account on HTX. Experience a hassle-free registration journey and unlock all features.Get My AccountStep 2: Go to Buy Crypto and Choose Your Payment MethodCredit/Debit Card: Use your Visa or Mastercard to buy Moonwell Artemis (WELL) instantly.Balance: Use funds from your HTX account balance to trade seamlessly.Third Parties: We've added popular payment methods such as Google Pay and Apple Pay to enhance convenience.P2P: Trade directly with other users on HTX.Over-the-Counter (OTC): We offer tailor-made services and competitive exchange rates for traders.Step 3: Store Your Moonwell Artemis (WELL)After purchasing your Moonwell Artemis (WELL), store it in your HTX account. Alternatively, you can send it elsewhere via blockchain transfer or use it to trade other cryptocurrencies.Step 4: Trade Moonwell Artemis (WELL)Easily trade Moonwell Artemis (WELL) on HTX's spot market. Simply access your account, select your trading pair, execute your trades, and monitor in real-time. We offer a user-friendly experience for both beginners and seasoned traders.

2.1k Total ViewsPublished 2024.03.29Updated 2025.03.21

How to Buy WELL

What is $WELL

WELL3, $$WELL: Revolutionizing Health and Wellness with DePIN and AI Introduction In the rapidly evolving landscape of digital technology, the health and wellness sector stands at the forefront of innovation, striving to enhance patient care and promote healthier lifestyles. A groundbreaking player in this domain is WELL3, a pioneering Web3 project that seeks to revolutionize how individuals engage with their health. By leveraging technologies such as Decentralized Physical Infrastructure Network (DePIN), Decentralized Identity (DID), and Artificial Intelligence (AI), WELL3 aims to foster secure, data-empowered health journeys. This comprehensive article delves deep into the core aspects of WELL3, $$WELL, exploring its functionalities, creators, investors, and unique features. What is WELL3, $$WELL? WELL3 serves as an innovative platform set to redefine the approach towards health and wellness. Focused on integrating DePIN and DID alongside AI systems, the project is designed to create personalized user experiences while ensuring the safety and privacy of individuals' health data. With an impressive figure of over one million pre-registered users, the primary mission of WELL3 revolves around enhancing well-being through secure, data-driven health journeys. At its core, WELL3 employs advanced blockchain technologies to ensure that users have complete control over their personal information. This project not only addresses the challenges of data security and accessibility but also aspires to create a vibrant community connected by a shared commitment to better health. Key Features of WELL3: DePIN and DID: These technologies enable secure ownership and authentication of data, giving users full control over their information. AI Integration: Utilizing AI analytics, WELL3 offers personalized insights and solutions tailored to individual health needs. Community Engagement: Facilitates a supportive environment where users can connect, share experiences, and motivate each other toward healthier living. Creator of WELL3, $$WELL The identity of the creator of WELL3 remains unspecified in the available information. As the project progresses, further details may emerge, shedding light on the visionary minds behind this transformative initiative. Investors of WELL3, $$WELL WELL3 has garnered support from a myriad of influential investment entities, highlighting its credibility and potential in the health and wellness space. Notable investors include: Animoca Brands AWS Samsung The Spartan Group Blocore Fenbushi Capital Newman Group Soul Capital XY Finance Lumoz The backing from these established organizations demonstrates a strong belief in WELL3's mission, providing it with the necessary resources to innovate and expand its offerings. How Does WELL3, $$WELL Work? WELL3 operates by melding cutting-edge technologies in a multichain framework, ensuring a seamless and innovative user experience. Below are some factors that uniquely position WELL3 in the wellness market: 1. Secure Data Ownership With the integration of DePIN and DID, users can maintain complete control over their personal health information. This layer of security is paramount in today's digital age, where data breaches and unauthorized access are rampant. Through WELL3, data ownership is decentralised, enabling users to manage their information proactively. 2. Personalization through AI WELL3 implements AI-driven analytics to provide users with tailored health insights. By harnessing the power of AI, the platform can offer individualised recommendations and solutions, encouraging users to achieve their health goals more effectively. 3. Multichain Framework The WELL3 project is designed to work across multiple blockchain platforms, including Bitcoin, Ethereum, Polygon, Solana, Blast, and TON. This multichain capability ensures that users can interact with the platform seamlessly across different networks, enhancing accessibility and usability. 4. WELL Token Central to the WELL3 ecosystem is the WELL Token, which serves multiple functions including utility, governance, and rewards. The token allows for ecosystem participation, supports health data sharing, and incentivizes users based on their engagement with the platform. Timeline of WELL3, $$WELL The trajectory of WELL3 showcases significant milestones in its development, each contributing to the project's overall success. Here is a brief timeline of critical events in the history of WELL3: February 10, 2024: WELL3 launched its NFT project, quickly rising to prominence as the largest NFT collection on the opBNB chain with over 324,000 owners and reaching 8 million NFTs created by April 27, 2024. Public Sale: The project achieved a remarkable total value locked (TVL) of approximately 15,237.2 ETH within just seven days, indicating robust market interest and backing. WELL ID Launch: The platform saw over 900,000 users sign up for the WELL ID and its corresponding NFT Ring whitelist, marking a significant adoption phase within the ecosystem. Partnership Development: WELL3 established partnerships with leading entities including Animoca Brands, AWS, Samsung, and others to enhance its ecosystem and expand its reach. Transaction Volume: WELL3 has facilitated over $17 million in transactions, reflecting its growing utility and engagement within the health and wellness community. Key Points About WELL3, $$WELL As a progressive initiative shifting towards the wellness market, WELL3 has identified several vital elements that will contribute to its ongoing success. Here are some key takeaways to note: Tokenomics The $$WELL token has a maximum supply of 42 billion, with a significant 71% earmarked for community initiatives. This distribution strategy emphasises the project's commitment to its user base and long-term sustainability. Lock-Up Period To ensure stability within the ecosystem, tokens are released in batches over a 24-month lock-up period, promoting trust and confidence among users. Ecosystem Development WELL3's vision extends toward creating a comprehensive and sustainable ecosystem to encourage thriving community engagement, health-enhancing behaviors, and digital solutions that address the pressing needs of the wellness domain. Market Fit The wellness industry, valued at $5.6 trillion, presents a lucrative opportunity that WELL3 aims to tap into. With an anticipated annual growth rate of 5-10%, the project is ideally positioned amid a rising trend towards health-conscious living. Wearables Introducing the WELL3 Ring, a crypto-incentivized wearable, aligns with the growing demand for personalized health data. This device not only enhances user experience but also redefines what it means to be engaged with one’s health in the context of Web3. Conclusion WELL3 represents a significant advancement in the integration of blockchain technology within the health and wellness sector. By addressing crucial issues around data ownership, personalization, and community engagement, this innovative platform offers a forward-thinking solution to enhance individual well-being. With robust backing from notable investors and a commitment to pioneering technologies, WELL3 stands poised to make a lasting impact in the wellness landscape. For those seeking to navigate the complexities of health in the digital age, WELL3 is certainly one to watch as it continues to evolve and grow.

548 Total ViewsPublished 2024.07.14Updated 2024.12.03

What is $WELL

Discussions

Welcome to the HTX Community. Here, you can stay informed about the latest platform developments and gain access to professional market insights. Users' opinions on the price of WELL (WELL) are presented below.

活动图片

Top Questions