BlockSec：BSC链上 USDC-OCA 流动池遭攻击，黑客利用通缩机制漏洞盗取 42.2 万美元

链捕手

Feb 14

ChainCatcher 消息，据市场消息，BSC 链上一个未知的 USDC-OCA 流动性池遭攻击，导致约 42.2 万枚 USDC 被提取。

攻击者利用了 OCA 代币的通缩性 sellOCA() 逻辑漏洞，每次调用在 swap OCA 代币的同时，从流动性池中移除等量的 OCA，人为抬高了池内代币价格。攻击通过三笔交易完成：第一笔执行攻击操作，后两笔主要用于支付额外的区块构建者贿赂。攻击者向 48club-puissant-builder 支付了总计约 43 枚 BNB 加 69 枚 BNB，最终获利估计约为 34 万美元。同一区块中的另一笔交易在 position 52 处失败，疑似被攻击者抢先交易。

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2611113657"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2611113657\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2611113657?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2026-02-14 13:02","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2611113657","market":"us","top_or_hot":-1,"title":"BlockSec：BSC链上 USDC-OCA 流动池遭攻击，黑客利用通缩机制漏洞盗取 42.2 万美元","media":"链捕手","content":"<html><body><p>ChainCatcher 消息，据市场消息，BSC 链上一个未知的 USDC-OCA 流动性池遭攻击，导致约 42.2 万枚 USDC 被提取。</p><p>攻击者利用了 OCA 代币的通缩性 sellOCA() 逻辑漏洞，每次调用在 swap OCA 代币的同时，从流动性池中移除等量的 OCA，人为抬高了池内代币价格。攻击通过三笔交易完成：第一笔执行攻击操作，后两笔主要用于支付额外的区块构建者贿赂。攻击者向 48club-puissant-builder 支付了总计约 43 枚 BNB 加 69 枚 BNB，最终获利估计约为 34 万美元。同一区块中的另一笔交易在 position 52 处失败，疑似被攻击者抢先交易。</p></body></html>","source":null,"html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>BlockSec：BSC链上 USDC-OCA 流动池遭攻击，黑客利用通缩机制漏洞盗取 42.2 万美元</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nBlockSec：BSC链上 USDC-OCA 流动池遭攻击，黑客利用通缩机制漏洞盗取 42.2 万美元\n</h2>\n\n<h4 class=\"meta\">\n\n\n<a class=\"head\" href=\"https://laohu8.com/wemedia/1041503808\">\n\n\n<div class=\"h-thumb\" style=\"background-image:url(https://community-static.tradeup.com/news/64f0784cc29a0d0070f6e968ef6ec7f5);background-size:cover;\"></div>\n\n<div class=\"h-content\">\n<p class=\"h-name\">链捕手 </p>\n<p class=\"h-time\">2026-02-14 13:02</p>\n</div>\n\n</a>\n\n\n</h4>\n\n</header>\n<article>\n<html><body><p>ChainCatcher 消息，据市场消息，BSC 链上一个未知的 USDC-OCA 流动性池遭攻击，导致约 42.2 万枚 USDC 被提取。</p><p>攻击者利用了 OCA 代币的通缩性 sellOCA() 逻辑漏洞，每次调用在 swap OCA 代币的同时，从流动性池中移除等量的 OCA，人为抬高了池内代币价格。攻击通过三笔交易完成：第一笔执行攻击操作，后两笔主要用于支付额外的区块构建者贿赂。攻击者向 48club-puissant-builder 支付了总计约 43 枚 BNB 加 69 枚 BNB，最终获利估计约为 34 万美元。同一区块中的另一笔交易在 position 52 处失败，疑似被攻击者抢先交易。</p></body></html>\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"LU1861217088.USD","symbol_name":"贝莱德金融科技A2","start_time":0,"source_url":"https://www.chaincatcher.com/article/2245929","article_id":"2611113657","we_media_id":"1041503808","thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2611113657","pubTimestamp":1771045320,"columns":[],"sourceInfo":null,"weMediaInfo":{"media_name":"链捕手","introduction":"链捕手ChainCatcher 成立于 2018 年，是一家领先的中文 Web3 媒体及数据服务商。","home_visible":1,"id":"1041503808","head_image":"https://community-static.tradeup.com/news/64f0784cc29a0d0070f6e968ef6ec7f5"},"summary":" ChainCatcher 消息，据市场消息，BSC 链上一个未知的 USDC-OCA 流动性池遭攻击，导致约 42.2 万枚 USDC 被提取。攻击者利用了 OCA 代币的通缩性 sellOCA() 逻辑漏洞，每次调用在 swap OCA 代币的同时，从流动性池中移除等量的 OCA，人为抬高了池内代币价格。攻击通过三笔交易完成：第一笔执行攻击操作，后两笔主要用于支付额外的区块构建者贿赂。攻击者向 48club-puissant-builder 支付了总计约 43 枚 BNB 加 69 枚 BNB，最终获利估计约为 34 万美元。同一区块中的另一笔交易在 position 52 处失败，疑似被攻击者抢先交易。 ","collect":0,"end_time":0,"defaultTopTitle":"","property":[],"viewcount":null,"language":"zh","relate_stocks":{"LU1861217088.USD":"贝莱德金融科技A2","CRCG":"2倍做多CRCL ETF-Leverage Shares","LU1791807156.HKD":"BGF WORLD FINANCIALS \"A2\" (HKDHDG) ACC","CRCO":"YIELDMAX CRCL OPTION INCOME STRATEGY ETF","LU2360107671.USD":"BGF FINTECH \"A4\" (USD) INC","LU1668664300.SGD":"Blackrock World Financials A2 SGD-H","CRCD":"T-REX 2X Inverse CRCLDaily Target ETF","CCUP":"T-REX 2x Long CRCL Daily Target ETF","LU0106831901.USD":"贝莱德世界金融基金A2","BK4023":"应用软件","LU1861220207.SGD":"Blackrock FinTech A2 SGD-H","CRCA":"Proshares Ultra CRCL"},"translate_title":"BlockSec: The USDC-OCA liquidity pool on the BSC chain was attacked, and hackers used deflationary mechanism vulnerabilities to steal US $422,000","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"CRCG":0.6,"CRCD":0.6,"CCUP":0.6,"CRCO":0.6,"CRCA":0.6},"content_text":"ChainCatcher 消息，据市场消息，BSC 链上一个未知的 USDC-OCA 流动性池遭攻击，导致约 42.2 万枚 USDC 被提取。攻击者利用了 OCA 代币的通缩性 sellOCA() 逻辑漏洞，每次调用在 swap OCA 代币的同时，从流动性池中移除等量的 OCA，人为抬高了池内代币价格。攻击通过三笔交易完成：第一笔执行攻击操作，后两笔主要用于支付额外的区块构建者贿赂。攻击者向 48club-puissant-builder 支付了总计约 43 枚 BNB 加 69 枚 BNB，最终获利估计约为 34 万美元。同一区块中的另一笔交易在 position 52 处失败，疑似被攻击者抢先交易。","kind":"highlight","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"-1","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":false,"code":"91000000","status":"200"}}}