GoPlus released a security alert stating that the 4AGENT token (contract starting with 0x15ea), themed around Gork 4.2, is a Pi Xiu token, with KOLs and smart money being affected, resulting in a total loss of 170 #BNB (approximately $100,000). Out of the attack proceeds, 123.7 BNB was transferred to an address starting with 0xFcc7; another 46 BNB was exchanged for ETH via orbiter and crossed to an address starting with 0x96f4.
The source of the Dev funds is Bitget. By tracing back through the cross-chain address, two previously issued malicious tokens that were also not open-sourced were found: DEBOT and U Lottery.
This incident underscores token-risk exposure within the BSC ecosystem and demonstrates how cross-chain flows can obscure fund origins and attacker profits. Security teams should monitor linked addresses and advocate for broader security auditing across token launches to mitigate similar threats.
Leave a Reply