Solana Memecoin creation tool Pump.fun claimed that a former employee extorted the company out of approximately $2 million through a “bond curve” attack.
The former employee used his “privileged position” to gain access to “withdrawal authority” and compromise the protocol’s internal systems, Pump.fun claimed in an X post on May 16.
Approximately $1.9 million of the total $45 million held in Pump.fun’s bonding curve contracts was stolen.
The platform temporarily suspended trading but is now back up and running.
Pump.fun smart contracts are “secure” and users affected by the incident will receive “100% of the liquidity” they previously held within the next 24 hours, Pump.fun said.
Prior to Pump.fun’s post, Igor Igamberdiev, head of research at cryptocurrency market maker Wintermute, claimed that the hack was caused by an internal private key leak attributed to X user “STACCoverflow.”
In a series of cryptic X posts, STACCoverflow “seeks to change the course of history. n (sic) Then you rot in prison.” “I don’t care, I’ve already been completely doxxed,” they added in a separate post.
In a previous X post, Pump.fun said it was cooperating with law enforcement. It did not name the former employee and did not immediately respond to a request for comment.
How the hack unfolded
The suspect borrowed Solana (SOL) using flash loans on Raydium, the Solana lending protocol, and used the money to “purchase as many coins” as possible, Pump.fun said.
Once a coin reached 100% on its bonding curve, the exploiter could use that withdrawal authority to access the bonding-curve liquidity and repay the flash loan.
Pump.fun said the attack occurred between 3:21 PM and 5:00 PM UTC on May 16, resulting in the theft of approximately 12,300 SOL, worth approximately $1.9 million.
The Solana memecoin launchpad said that users affected during this window will recover more than 100% of the liquidity they held before the attack.
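As an added illustration (not Pump.fun’s code; the curve model, key names and SOL amounts are all constructed), a toy model of the sequence just described: the flash loan only pushes the curve to 100%, while the profit is exactly the other buyers’ SOL and depends entirely on holding the withdrawal authority.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class BondingCurve:
    """Hypothetical simplified curve: SOL paid in by buyers accumulates in the
    reserve; the curve is 'complete' once the reserve reaches sol_target.
    A single privileged key may withdraw the reserve after completion."""
    sol_target: float
    withdraw_authority: str = "ops-key"   # constructed placeholder key id
    sol_reserve: float = 0.0

    def buy(self, sol: float) -> None:
        self.sol_reserve += sol

    def progress(self) -> float:
        return min(self.sol_reserve / self.sol_target, 1.0)

    def withdraw(self, signer: str) -> float:
        if self.progress() < 1.0:
            raise PermissionError("curve not complete")
        if signer != self.withdraw_authority:
            raise PermissionError("signer lacks withdraw authority")
        drained, self.sol_reserve = self.sol_reserve, 0.0
        return drained


def flash_loan_drain(curve: BondingCurve, loan_sol: float, signer: str) -> float:
    """One atomic transaction: borrow loan_sol, buy into the curve, withdraw,
    repay. Returns the signer's net SOL gain; raises if withdrawal is refused."""
    curve.buy(loan_sol)
    drained = curve.withdraw(signer)
    return drained - loan_sol            # the loan is repaid out of the drain


def run_scenario(honest_sol: float = 33.0, sol_target: float = 85.0,
                 loan_sol: Optional[float] = None, signer: str = "ops-key") -> float:
    """Honest buyers deposit honest_sol; the attacker borrows just enough to
    complete the curve (or loan_sol if given). Constructed numbers."""
    curve = BondingCurve(sol_target=sol_target)
    curve.buy(honest_sol)
    if loan_sol is None:
        loan_sol = sol_target - curve.sol_reserve
    return flash_loan_drain(curve, loan_sol, signer)


def outcome(**kwargs) -> str:
    """Human-readable result: the net gain, or why the withdrawal was refused."""
    try:
        return f"profit={run_scenario(**kwargs):.1f}"
    except PermissionError as err:
        return f"denied: {err}"
```

Without the privileged key the same flash loan gains nothing, and without enough borrowed SOL the curve never completes; the loss is bounded by the honest deposits sitting in the reserve.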