Mobius Token Incident Analysis

On 11 May 2025 an attacker exploited a numeric inflation bug in an unaudited Mobius token contract on BSC, minting ~9.73e15 MBU by exploiting a surplus 1e18 multiplier and swapping it for ~2.16M USDT; addresses, tx links, and subsequent laundering through Tornado Cash are provided along with analysis of the faulty price/decimals arithmetic.