As a crypto investor with several years of experience in the market, I’m always on the lookout for new and innovative platforms that can add value to my portfolio. When I first heard about Pump.fun, I was intrigued by its unique solution for preventing rugs and making token launches more accessible to everyone. The platform seemed like a breath of fresh air in the crowded DeFi landscape.
A significant exploit occurred on the Solana-based platform, Pump.fun, resulting in the theft of millions of dollars from users’ funds. However, the specifics of what happened and the exact amount stolen remain vague, leaving the crypto community with numerous unanswered questions. Some speculated that a new crypto version of Robinhood had emerged due to this unexpected event.
$80 Million Taken In Crypto Heist?
Thursdays saw Pump.fun making the announcement that their bounding curve contracts had been breached. In a statement, the team advised users that all trading activities were currently suspended as they delved deeper into the matter to understand its implications.
At Pump.fun, we’ve developed a trading platform specifically designed to safeguard crypto tokens against potential rug pulls. This means that all tokens launched on our platform come with added security for users. The process of bringing new tokens onto the platform is simplified, allowing for instant creation and immediate availability for trading without any presale or team allocation.
Among influencers and users seeking a simpler, more affordable method for issuing tokens, this option gained significant traction as a preferred choice.
As a crypto investor, I’d describe it this way: This platform uses a unique pricing mechanism called bonding curve contracts for its tokens. The price of a token is calculated based on its supply and increases as more tokens are bought. When the market capitalization of the token reaches $69,000, a portion of its liquidity is automatically transferred to Raydium to be permanently removed from circulation, ensuring scarcity and potentially increasing the token’s value.
After the recent security incident, I want to reassure our users that we have taken steps to enhance the security of our smart contracts to prevent any further losses. I am pleased to report that the overall value locked within our protocol remains secure.
The community’s accounts of the incident were conflicting and raised concerns. Some users asserted that over $80 million in cryptocurrency was stolen from the platform’s bonding curve contracts, causing unease among the affected parties.
Based on the findings from Lookonchain’s report, I discovered that the hacker tried to conceal his identity initially by feigning ignorance and inquiring about the extent of the damages. Later on, he levied accusations against the platform’s creators, claiming they had previously withdrawn the identical sum stolen from the fund.
A user of X claimed that an individual acted like Robin Hood, redistributing hacked funds to communities associated with SOL. In a post, this person expressed a wish to alter the course of history. Nevertheless, their “Robin Hood-like” actions impacted 1,882 different addresses.
What Happened?
After initial accusations and the attacker’s claims, it emerged later that he was formerly employed by Pump.fun. The company disclosed in a subsequent statement that this person had taken advantage of their employment status to embezzle funds from the bonding curve contracts.
A former employee unjustifiably penetrated the accounts by means of their exalted role within the organization, ultimately securing the private keys. Utilizing flash loans borrowed from Solana’s lending platform, this individual made off with 12,300 SOL, equivalent to approximately $1.9 million.
According to the article, I discovered that the individual obtained SOL with the intention of acquiring a large quantity of tokens in Pump.fun. Once these tokens reached their maximum point on the bonding curves, the attacker utilized the provided keys to retrieve liquidity from the bonding curves and repay the flash loans.
Luckily, the intruder was unable to tap into more than $1.9 million of the total $45 million held in the smart contracts. Following this incident, the development team took steps to relaunch the bonding curve contracts and proposed a solution for those impacted by the crypto breach.
To ensure that users are made whole, the team will add an equivalent or greater amount of Solana (SOL) liquidity to each affected coin’s liquidity pool within the next 24 hours. Additionally, they are waiving trading fees for a period of seven days. This action represents a significant gesture on Pump.fun’s part, given that they typically earn around $1 million daily in fees.
Read More
Sorry. No data so far.
2024-05-18 04:16