Jake Paul-endorsed Safemoon liquidity pool suffered an attack with an estimated $8.9 million drained. The attackers exploited using the publicly-accessible burn function in the token’s contract to manipulate the protocol.
Attackers Manipulate Faulty Function to Exploit SFM
The Wednesday attackers managed to manipulate faulty functions within the smart contracts. Analysis completed by Blockchain data reveals that the attack affected several tokens in the early Wednesday hours. The attacker initiated a single transaction to steal millions of Safemoon from the SFM tokens locked within the liquidity protocol.
Safemoon operates as a liquidity pool identified as the basket holding various tokens locked within the smart contract. It deploys a unique design to allow users to execute decentralized trading, borrowing, and lending by eliminating intermediary parties.
SFM Plunge 40% Following Exploit
The attack made the SFM token plunge 40%, particularly in the early Asian hours when it plummeted to $0.00016736, as illustrated by CoinGecko data. The SFM token price has since recovered to exchange hands at $0.0001823, still 23.1% down in the past 24 hours.
Safemoon involves a decentralized finance token that facilitates four functions observable during trading. Besides fee reflection, it facilitates token burning, growing funds, and liquidity pool acquisition. The four factors propel Safemoon to accomplish the largest gainers during the 2021 market.
The statement conveyed by Safemoon developers admitted the liquidity pair suffered compromise. In a subsequent tweet, the developers assured the community of their devotion to resolving the issue.
Regretting the exploit, Safemoon chief executive John Karony attributed the exploit to a faulty liquidity pair within the BNB Chain. He assured the community that the Safemoon decentralized exchange (DEX) was safe though the exploit affected the SFM: BNB LP pool.
Developers Unearth Vulnerability Behind Exploit
Karony’s subsequent tweet revealed Safemoon’s internal team located the exploit, allowing the developers to patch the vulnerability successfully. Nonetheless, the chief executive confirmed advanced plans to engage a chain forensics consultant to ascertain the precise nature and extent of the attack.
In support of Karony’s remark, developers attribute the exploit to the existence of a faulty burn feature. The chief executive of web3-based development firm Dappd, Moon Mark, indicated that the faulty burn feature allowed the burn tokens from other addresses to gain access.
Mark noted that the attacker leveraged the faulty function to eliminate SFM tokens from the Safemoon-WBNB liquidity pool.
The process allowed the attacker to inflate the SFM token manually. Higher prices allowed the perpetrator to dispose of the SFM tokens into the liquidity pool, though at the overpriced exchange level.
SFM Market Outlook
This possibility enabled the exploiter to eliminate all WBNB locked within the liquidity pool. The attacker replicated the elementary exploit cases deployed against multiple smart contracts.
A scrutiny of the SFM tokens performance shows at press time 09:34 UTC, it is exchanging hands at $0.00018941, still, 18.6% down, as illustrated by CoinGecko data.
CoinGecko data reveals the SFM token tested a high of $0.00025172 before plunging to $0.00016736. While the token is 19.1% high from the $0.00015900 realized on March 12 2023, it is still 94.4% below the $0.00338272 attained in January 2022.
While SFM’s daily trading volume is up by 36% to $1.44M, the plunge has restricted its total market capitalization to $111.26 million, as per CoinMarketCap data.
Editorial credit: photo_gonzo / Shutterstock.com
SureTradeGroup.com is not responsible for the content, accuracy, quality, advertising, products or any other content posted on the site. Some of the content on this site is paid content that is not written or posted by our writers or editors and the opinions expressed do not reflect the opinions of this website. Any disagreement you may have with brands or companies mentioned in articles will need to be taken care of directly with those specific brands and companies. The responsibility of anyone who may click links in our articles and ultimately sign up for that product or service is their own. Forex, Stocks, Cryptocurrencies, NFTs and Dogital Tokens are all a high-risk asset, investing in them can lead to losses. Readers should do their own research before taking any action.