The Solana-based Pump.fun platform suffered an exploit that left the crypto community with many questions. The attack stole millions of dollars in user funds, but the reasons behind it and the exact amount taken were unclear. Amid the uncertainty, some claimed that a crypto Robin Hood had emerged.
$80 million taken in crypto heist?
On Thursday, the Pump.fun platform announced (x.com/pumpdotfun/status/1791164438852083807) that its bonding curve contracts had been compromised. In the post, the team alerted users that all transactions were temporarily stopped while they investigated the incident.
Pump.fun is a trading platform created to prevent “rugs” by ensuring that all crypto tokens created are secure. The platform allows users to easily launch instantly tradable tokens without presales or team allocation.
This solution became an extremely popular alternative among influencers and users who wanted to create tokens without the complexity or high costs of launching a project.
It uses bonding curve contracts for tokens, a mathematical model that determines the price of a token based on supply, increasing with the number of tokens purchased. Once the token's market capitalization reaches $69,000, some of the liquidity is deposited into Raydium to be burned.
Since the attack, the team has assured users that contracts have been updated to prevent further loss of funds, adding that the protocol's total value locked (TVL) is safe.
However, reports from the community were contradictory and alarming. Some users claimed that the attacker had taken $80 million worth of cryptocurrency from the platform's bonding curve contracts, worrying affected users.
According to the Lookonchain report, the hacker was quickly identified. At first, he pretended to be an unaware user and asked what the damage was. However, he later accused the platform's founders of withdrawing the exact amount stolen the previous day.
A user claimed (x.com/ardizor/status/1791186167645303080) that the individual chose “to be a Robin Hood, throwing hacked money into the $SOL communities.” The attacker also expressed in a post his desire to “change the course of history.” However, his “heroic outlaw” efforts affected 1,882 addresses.
What happened?
Despite speculation and posts by the attacker, it was later revealed that he was a former employee of Pump.fun. In its post-mortem (x.com/pumpdotfun/status/1791235050643636303), the platform team revealed that the individual had used his position to misappropriate funds from the bonding curve contracts.
The attacker illegitimately accessed the accounts after obtaining the private keys, “taking advantage of his privileged position in the company.” The former employee used flash loans from a Solana lending protocol to steal 12,300 SOL, worth approximately $1.9 million.
According to the post, he borrowed SOL to buy as many tokens as possible on Pump.fun. When the tokens reached 100% on their respective bonding curves, the attacker used the keys to access the bonding curve liquidity and repay the flash loans.
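The sequence described above (a flash-loan borrow, buys that take a curve to 100%, a withdrawal of curve liquidity with the authority key, and loan repayment) can be written as a monitoring rule. The following is an added example, not code from Pump.fun or from the original article; the event format, field names and the `raydium_pool` label are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample events (not real chain data). Field names are assumptions:
# tx = transaction id, kind = decoded instruction type, plus kind-specific fields.
EVENTS = [
    {"tx": "tx1", "kind": "curve_buy", "token": "AAA", "progress": 0.40},
    {"tx": "tx2", "kind": "flash_borrow", "sol": 500.0},
    {"tx": "tx2", "kind": "curve_buy", "token": "BBB", "progress": 1.00},
    {"tx": "tx2", "kind": "curve_withdraw", "token": "BBB", "sol": 50.0,
     "dest": "unknown_wallet"},
    {"tx": "tx2", "kind": "flash_repay", "sol": 500.0},
    {"tx": "tx3", "kind": "curve_buy", "token": "CCC", "progress": 1.00},
    {"tx": "tx3", "kind": "curve_withdraw", "token": "CCC", "sol": 50.0,
     "dest": "raydium_pool"},
]

EXPECTED_DEST = "raydium_pool"  # assumed label for the legitimate migration target


def flag_suspicious(events):
    """Return {tx: [reasons]} for transactions matching the incident pattern."""
    by_tx = defaultdict(list)
    for ev in events:
        by_tx[ev["tx"]].append(ev)

    findings = {}
    for tx, evs in by_tx.items():
        kinds = {e["kind"] for e in evs}
        # Tokens whose curve reached 100% inside this transaction.
        completed = {e["token"] for e in evs
                     if e["kind"] == "curve_buy" and e["progress"] >= 1.0}
        reasons = []
        for e in evs:
            if e["kind"] != "curve_withdraw":
                continue
            # Completed-curve liquidity should only move to the expected pool.
            if e["dest"] != EXPECTED_DEST:
                reasons.append(f"{e['token']}: curve liquidity sent to {e['dest']}")
            # Completion and withdrawal funded by a flash loan in one transaction.
            if e["token"] in completed and "flash_borrow" in kinds:
                reasons.append(f"{e['token']}: curve completed and drained inside a flash loan")
        if reasons:
            findings[tx] = reasons
    return findings


if __name__ == "__main__":
    for tx, reasons in flag_suspicious(EVENTS).items():
        print(tx, reasons)
```
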
Fortunately, the attacker was only able to access $1.9 million of the $45 million of contract liquidity. The team has since redeployed the bonding curve contracts and offered a plan to help affected crypto investors.
To make users whole, the team will “seed the LPs for each affected coin with an equal or greater amount of SOL liquidity than the coin had at 15:21 UTC within the next 24 hours.” Additionally, they are offering 0% trading fees for the next 7 days. As one user noted, this action is “not trivial,” as Pump.fun makes $1 million a day from fees.