SafeMoon ‘burn’ bug abused to drain $8.9 million from liquidity pool


The SafeMoon token liquidity pool lost $8.9 million after a hacker exploited a newly created ‘burn’ smart contract function that artificially inflated the price, allowing the actors to sell SafeMoon at a much higher price.

Liquidity pools in DeFi platforms are large deposits of funds (cryptocurrency) that facilitate trading, provide market liquidity, and generally allow exchanges to function without borrowing from a third party.

SafeMoon confirmed the security incident today on Twitter and stated that it is currently working on resolving the issue.

SafeMoon tweet

SafeMoon’s CEO, John Karony, stated that the attack occurred on Tuesday, March 28, affecting the SFM:BNB liquidity pool but not the platform’s exchange.

“We have located the suspected exploit, patched the vulnerability, and are engaging a chain forensics consultant to determine the precise nature and extent of the exploit,” reads Karony’s statement.

“Users should be assured that their tokens remain safe. I want to assure you that the other LP pools on the DEX have not been affected, and nor have any of our upcoming upgrades and releases.”

Exploit details

Blockchain security experts PeckShield have shared more details about the vulnerability exploited by the hacker to carry out the $9M heist against SafeMoon.

According to PeckShield, a recent update introduced a new SafeMoon smart contract function that burns tokens. Unfortunately, the function was mistakenly set to public without restrictions, allowing anyone to execute it as they wished.

Karony previously stated that this system would only be used for emergencies, like when the liquidity pool would face risks with malicious smart contracts, excessive slippage, and other transient losses.

The hacker utilized the function to burn large amounts of SafeMoon tokens, causing the price of the token to shoot up in price.

Flaw highlighted by PeckShield
Flaw highlighted by PeckShield

As soon as the price increased, another address sold SafeMoon at the manipulated price, draining $8.9 million from the SafeMoon:WBNB liquidity pool.

A few hours after the attack, the actor who converted the SafeMoon to BNB claimed they were not the initial hacker but “accidentally performed a front run” after the price was artificially inflated due to the exploit of the burn() function.

While it is not clear if the owner of this wallet is the same person who exploited the bug, they are offering to return the stolen funds to SafeMoon.

“Hey relax, we are accidently frontrun an attack against you, we would like to return the fund, setup secure communication channel , lets talk,” said a comment added to the transaction.

Since then, the person has transferred 4,000 Binance Coins (BNB), worth $1,264,440.00, to another address, making the frontrun look less accidental.





Source link