Jake Paul-endorsed SafeMoon gets hacked after introducing a bug in upgrade

CoinTelegraph reported:

SafeMoon, a project previously endorsed by celebrities and social influencers like Jake Paul and Soulja Boy, announced its liquidity pool (LP) had been compromised. Without revealing further details about the attack, SafeMoon confirmed it is undertaking steps “to resolve the issue as soon as possible.”

Like many other crypto projects in 2021, SafeMoon was backed by numerous celebrities. However, a lawsuit from February 2022 alleged that musicians such as Nick Carter, Soulja Boy, Lil Yachty, and YouTubers Jake Paul and Ben Phillips mimicked real-life Ponzi schemes by misleading investors to purchase SafeMoon (SAFEMOON) tokens under the pretext of unrealistic profits.

a6e0b4c2 13d3 470c b8f6 bee5d16ec5c7
Jake Paul promoting SafeMoon token in 2021. Source: Twitter

Investigating the SafeMoon hack shows that the attacker made away with approximately 27,000 BNB (BNB), worth $8.9 million. SafeMoon has not yet responded to Cointelegraph’s request for comment. Moreover, users have been barred from posting comments on the announcement that revealed the LP compromise.

Blockchain investigator PeckShield narrowed the problem to a recent software upgrade as a potential culprit that introduced the bug. A public burn function introduced in the latest upgrade allegedly allows users to burn tokens from other addresses.

Community member “DeFi Mark” explained that the attacker used the vulnerability to remove SafeMoon tokens, causing an artificial spike in the token’s price. The attacker took advantage of the situation and sold off the tokens at an inflated price.

3c06029e 5ad2 4689 a450 46922309483a
SafeMoon exploit overview. Source: PeckShield

The attacker left a note along with the transaction, as shown above, which said:

“Hey relax, we are accidently frontrun an attack against you, we would like to return the fund, setup secure communication channel , lets talk.”

Until SafeMoon officially announces a resolution, investors are advised against investing in the project to avoid possible loss of funds.

Related: New crypto litigation tracker highlights 300 cases from SafeMoon to Pepe the Frog

Following a recent security incident related to illicit access to hot wallets, Bitcoin (BTC) ATM manufacturer General Bytes plans to reimburse customers that lost funds.

As Cointelegraph reported, the hack caused a loss of 56 BTC and 21.82 Ether (ETH), cumulatively worth nearly $1.9 million.

Magazine: Huawei NFTs, Toyota’s hackathon, North Korea vs. Blockchain: Asia Express

Read more