SafeMoon Liquidity Pool Loses $8.9M Due to “Burn” Bug
SafeMoon, a cryptocurrency token, was the victim of a security breach that resulted in the loss of $8.9 million from its liquidity pool. Hackers used a newly created smart contract “burn” feature, which inflated the price of the token and allowed them to sell it at an exorbitant price. The SafeMoon team confirmed the attack and said they are currently working to resolve the issue.
What are liquidity pools in DeFi platforms?
DeFi platforms are gaining popularity in the cryptocurrency world as they offer a decentralized and secure way to trade cryptocurrencies. Liquidity pools are large deposits of money (cryptocurrency) that facilitate trading, provide market liquidity, and generally allow exchanges to function without third-party borrowing. These pools are an essential part of DeFi platforms as they allow traders to easily buy and sell cryptocurrencies.
SafeMoon confirmed the security incident on Twitter and stated that they are currently working on solving the problem. The attack occurred on Tuesday, March 28, and affected the SFM:BNB liquidity pool but not the platform’s exchange. SafeMoon CEO John Karony stated that they located the alleged exploit, patched the vulnerability and hired a chain forensic consultant to determine the exact nature and scope of the exploit. He also assured users that their tokens remain safe and that the other LP pools on the DEX will not be affected, nor any of the platform’s upcoming upgrades and releases.
Exploit Details – Burn bug
Blockchain security researchers PeckShield shared more details about the vulnerability that the hacker exploited to conduct the $8.9 million SafeMoon heist. According to PeckShield, a recent update introduced SafeMoon’s new smart contract feature that burns tokens. Unfortunately, the feature was mistakenly set to public with no restrictions, allowing anyone to run it as they please. The SafeMoon team had previously stated that this system would only be used for emergencies, e.g. B. if the liquidity pool were at risk from malicious smart contracts, excessive slippage and other temporary losses.
The hacker used the feature to burn large amounts of SafeMoon tokens, causing the token’s price to skyrocket. As soon as the price rose, another entity sold SafeMoon at the manipulated price, withdrawing $8.9 million from the SafeMoon:WBNB liquidity pool.
The aftermath of the burn bug attack
A few hours after the attack, the actor who turned SafeMoon into BNB claimed that he was not the original hacker but “accidentally front-run” after the price artificially inflated due to the burn() function exploit had been driven. While it’s not clear if the owner of this wallet is the same person who exploited the bug, she offered to return the stolen funds to SafeMoon. They left a comment on the transaction saying, “Hey relax, we accidentally advanced an attack against you, we want to return the money, set up a secure communication channel, let’s talk.”
Since then, the person has transferred 4,000 Binance Coins (BNB) worth $1,264,440.00 to a different address, making the front run look less random.
Learn Crypto Trading, Yield Farms, Income strategies and more at CrytoAnswers
Comments are closed.