A hacker has made off with $8.9 million worth of digital assets after exploiting a vulnerability in the BNB chain-based DeFi exchange Safemoon.
According to crypto security firm Peckshield, the attacker exploited a public burn function introduced in the latest upgrade. The function included a bug that allowed the hacker to compromise the project's liquidity pool and drain almost $9 million worth of assets.
Web3 developer DeFi Mark further explained that the attacker used the vulnerability to remove SafeMoon (SFM) tokens, causing an artificial spike in the token’s price. The attacker took advantage of the situation and sold off the tokens at an inflated price.
"The attacker used this function to remove SFM tokens from the Safemoon-WBNB Liquidity Pool, artificially raising the price of SFM," the crypto guru said.
"The attacker was then able to sell SFM into this LP at a grossly overpriced rate within the same transaction, wiping out the remaining WBNB in the liquidity pool."
In a recent tweet, the team behind Safemoon confirmed the hack, noting that the project's LP was compromised. Without revealing further details about the attack, SafeMoon confirmed undertaking steps “to resolve the issue as soon as possible.”
Safemoon describes itself as a community-driven DeFi protocol that features a deflationary utility token, SFM. It runs on the BEP-20 token standard, built on the Binance Smart Chain (BSC).
The project was launched in the first quarter of 2021 and came with several features such as static rewards, liquidity pool acquisition, and burn strategy.
Notably, the project was previously endorsed by a number of high-profile celebrities and social influencers such as Jake Paul and Soulja Boy. However, the project has been the
Read more on cryptonews.com