Memecoin launcher pump.fun exploited for $1.9 million, ex-employee blamed

Memecoin launcher pump.fun exploited for $1.9 million, ex-employee blamed
фото показано с : invezz.com

2024-5-17 09:05

Pump.fun, a Solana memecoin launch tool, alleged that a former employee exploited the protocol for nearly $2 million in a “bonding curve” attack. The ex-employee used a “privileged position” to access a “withdraw authority” and compromise the protocol’s internal systems, according to pump.fun’s May 16 X post.

Approximately $1.9 million was stolen from the $45 million held in pump.fun’s bonding curve contracts. The platform paused trading temporarily but has since resumed operations. 

Pump.fun asserted that its smart contracts are still secure and that affected users would recover “100% of the liquidity” within the next 24 hours.

Former employee takes the blame

Igor Igamberdiev, head of research at cryptocurrency market maker Wintermute, suggested the hack resulted from an internal private key leak. He suspected X user “STACCoverflow” was behind the attack. 

STACCoverflow posted cryptic messages on X, stating they were “about to change the course of history” and “then rot in jail,” while also claiming to be “fully doxxed.”

Pump.fun has been collaborating with law enforcement but did not name the former employee involved.

The exploiter used flash loans on the Solana lending protocol Raydium to borrow Solana (SOL) tokens. These tokens were then used to buy pump.fun’s meme coins. 

Once the coins reached 100% on their bonding curves, the exploiter accessed the bonding curve liquidity to repay the flash loans. Between 3:21 pm and 5:00 pm UTC on May 16, approximately 12,300 SOL, valued at $1.9 million, was stolen.

Gotbit Hedge Fund initially flagged concerns about the attack on social media. They noted a wallet buying all tokens on pump.fun within minutes to fill the bonding curve to 100%. This caused Raydium listings to become stuck.

As of now, pump.fun assures that users affected during the specified hours will recover 100% or more of the liquidity held prior to the attack.

This is hardly the only exploit in recent times. Just a day before, the lending protocol for Sonne Finance was hacked for $20 million. The attacker got away with $20 million in crypto assets by exploiting a vulnerability in the second version of the Compound platform.

The post Memecoin launcher pump.fun exploited for $1.9 million, ex-employee blamed appeared first on Invezz

Similar to Notcoin - Blum - Airdrops In 2024

origin »

FunFair (FUN) на Currencies.ru

$ 0 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 0.00 %
Cегодня L: $0 - H: $0.0064133
Капитализация $0 Rank 99999
Доступно / Всего 0 FUN

fun pump million impacting attack curve bonding

fun pump → Результатов: 10


Команда pump.fun поделилась своими планами

На одном из сайд-ивентов в рамках конференции Token2049 в Сингапуре команда pump. fun поделилась планами по дальнейшему развитию проекта. Главная цель разработчиков pump. fun — создать инновационную финансовую платформу, которая объединит возможности популярных социальных сетей из Web2 с элементами криптоиндустрии.

2024-9-20 19:32


Спад популярности Pump.fun снизил комиссионные поступления Solana

Общая сумма комиссий, уплачиваемых в сети Solana, упала до шестимесячного минимума на фоне снижения популярности Pump. fun.   7 сентября сеть сгенерировала около 3300 SOL комиссионных сборов.

2024-9-11 17:55