Pump.fun Exploited For $2M In SOL By Former Employee

Pump.fun, a popular platform, faced a significant security breach today, resulting in the loss of 12,300 SOL tokens, valued at approximately $2 million.

The exploit impacted around 1,882 wallets and has been attributed to a former employee known as @STACCoverflow on X.

The attacker’s motivation appears linked to allegations of financial misconduct by Pump.fun’s founders. In a revealing post, @STACCoverflow claimed, “The founders withdrew 2m from treasury yesterday. Let them pay for it.”

This accusation corresponds closely with the amount stolen, suggesting a retaliatory motive.

The breach was executed through a flash loan attack after the attacker gained access to Pump.fun’s service account key.

Flash loan attacks allow users to borrow large sums of cryptocurrency without collateral, provided the borrowed amount is returned within the same transaction. This method is often used to exploit vulnerabilities in smart contracts.

Pump.Fun Team Responds Quickly, Removing Trading Fees Temporarily 

Despite the severe breach, the Pump.fun team responded quickly by redeploying their contract. Trading has resumed on the platform, with a temporary suspension of trading fees for the next seven days to encourage user activity and trust.

Additionally, Pump.fun has committed to replenishing the liquidity pools (LPs) for each affected coin within the next 24 hours to mitigate the damage.

Interestingly, @STACCoverflow has launched a new memecoin to capitalize on the notoriety of the exploit. The creation of this coin seems to be an attempt to further profit from the incident, leveraging the attention and controversy surrounding the attack.

While the immediate aftermath of the exploit has been chaotic, the swift actions by the Pump.fun team to address the breach and support affected users highlight their commitment to security and user trust. 

The incident serves as a stark reminder of the ongoing security challenges within the cryptocurrency space and the need for robust safeguards against insider threats and technical vulnerabilities.

Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.

Follow us on Twitter @themerklehash to stay updated with the latest Crypto, NFT, AI, Cybersecurity, and Metaverse news!

Via: https://themerkle.com

Share this article:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

Please enter CoinGecko Free Api Key to get this plugin works.