Hacker Steals $9M from SafeMoon

The liquidity pool (LP) of BNB Chain-based crypto exchange SafeMoon has been compromised, with the attacker draining close to $9 million worth of assets from the platform, the company said via Twitter on 29 March.

While SafeMoon did not release a lot of information regardin the exploit, on-chain data shows the attacker was able to transfer approximately 27,000 BNB tokesn (around $8.9 million) out of its liquidity pool. The CEO of the decentralized exchange (DEX), John Karony, assured users that the platform had “taken swift action to resolve the situation”, and that the exploit only affected the SFM:BNB liquidity pool. Karony noted:

“I want to assure you that the other LP pools on the DEX have not been affected, and nor have any of our upcoming upgrades and releases. I also want to assure you that the SafeMoon Wallet, secured by Orbital Shield, continues to be a safe place to store your crypto.”

Although Karony did not reveal how the exploit happened, SafeMoon had already “located the suspected exploit” and patched the vulnerability. Blockchain security firm PeckShield, however, said its investigation pointed to a recent software upgrade — which introduced a public burn function that allowed users to burn tokens from other addresses — as the potential culprit to introduce the bug.

Using this bug, the attacker was able to artificially raise the price of the SFM token using a code function, and in the same transaction sold enough SFM tokens back to the liquidity pool to effectively drain the BNB from the contract.

Launched in 2021, SafeMoon received a lot of attention from numerous celebrities who backed the project, including musicians such as Nick Carter, Soulja Boy, Lil Yachty, and YouTubers Jake Paul and Ben Phillips. In February 2022, however, a lawsuit alleged that these celebrities mimicked Ponzi schemes by misleading the public to purchase tokens from SafeMoon under the pretext of high profits.