SafeMoon’s Upgrade Facilitated its Exploitation, Says Analyst

Last Updated:
SafeMoon’s Upgrade Facilitated its Exploitation, Says Analyst
  • SafeMoon has been exploited by draining almost $9 million worth of tokens
  • PeckShield reported that the exploitation had been facilitated by the platform’s upgrade that contained a public burn bug.
  • The hacker manipulated the SFM token’s price and sold them back to the LP, wiping out the remaining WBNB.

According to the latest data, it appears that the blockchain platform SafeMoon’s exploitation was facilitated by the platform’s recent upgrade that introduced a “public burn bug.”

On March 29, the on-chain analytic platform PeckShield Inc. shared a Twitter thread on its official page, declaring that the upgrade’s public burn bug led to the exploit, supposedly initiated by an admin key leak:

Previously, it was revealed that nearly $9 million in tokens were drained out of the exchange following the exploitation when the attackers manipulated a fabricated feature on the platform’s smart contracts.

Subsequently, SafeMoon updated its Twitter page with the information that the platform’s liquidity pool has been compromised, adding:

We want to inform you that our LP has been compromised. We’re taking swift action in an attempt to resolve the issue as soon as possible… Thank you for your support as we work to address this situation.

According to PeckShield, the hacker manipulated the price of the SFM tokens using a code function and facilitated the sale of enough tokens back to the liquidity pool resulting in the extraction of the remaining WBNB in the pool.

Significantly, PeckShield added:

By exploiting the public mint bug, the actor can burn most SFM tokens in the pair, which increases the SFM price. With that, the actor basically buys SFM at the beginning, next exploits the public mint bug to increase the SFM price, and then sells SFM with a profit [greater than] $8.9 million.

Nonetheless, the hackers declared after some hours that they are willing to return the fund, following which it was reported that the attackers have already sent 4000 BNB equivalent to $1.2 million.

Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.

CoinStats ad

Latest News