The SafeMoon token liquidity pool (LP) was drained of almost $9 million worth of tokens after attackers took advantage of a public token bug introduced in the decentralized finance (DeFi) project’s smart contracts.
Blockchain data reveals that several tokens were moved in a single transaction early on March 29. The attacker ultimately stole billions of SafeMoon’s SFM tokens that were locked in an LP.
A collection of tokens secured by a smart contract makes up a liquidity pool. Without intermediaries, decentralized lending, borrowing, and trading amongst users are made possible through liquidity pools.
SafeMoon is a DeFi project with more than 2.5 million holders and more than $50 million in locked-in cash, and it has a fully diluted market valuation of over $1 billion.
A deflationary utility coin called SAFEMOON is part of a community-driven DeFi protocol. It is developed on the Binance Smart Chain (BSC) and operates on the BEP-20 token standard.
The project was introduced in the first quarter of 2021 and has several characteristics like burn strategy, static incentives, and liquidity pool acquisition.
On Twitter, SafeMoon disclosed the attack and said it immediately attempted to fix the problem. However, it withheld information about the incident.
To our valued community,
As you may be aware, on Tuesday 28 March, SafeMoon’s Liquidity Pool was compromised. We have taken swift action to resolve the situation and protect our community. I want to make clear that our DEX is safe. This ultimately affected the SFM:BNB LP pool.…
— John Karony (@CptHodl) March 29, 2023
Following the exploit of the decentralized finance exchange, SafeMoon CEO John Karony has released a statement. Karony said SafeMoon attempted to “rectify” the issue in an email received on March 29.
Bug introduced during the project’s contract upgrade
Following the hack, the blockchain security firm PeckShield disclosed that the bug was introduced during the project’s most recent contract upgrade, which was initiated using the official SafeMoon Deployer. The firm suggested that the upgrade may have been initiated because the admin key may have been exposed.
DeFi Mark, a Web3 developer, added that the attacker used the public burn feature, which lets users burn tokens from any address.
John Karony, CEO of SafeMoon, explained in a subsequent tweet that the exploit was exclusive to one LP on the BNB Chain.
“I want it to be understood that our DEX is secure. In the end, this had an impact on the SFM:BNB LP pool. We have identified the potential exploit, patched the flaw, and are working with a chain forensics expert to ascertain the exact type and scope of the exploit,” Karony said.
Thank you to all our passionate community members for your patience and support during this frustrating time.
Rest assured that we have not taken our foot off the gas and hope to bring this matter to an end swiftly.
We are still establishing our timelines for a full… https://t.co/Iu3NZ1mlPf
— John Karony (@CptHodl) March 29, 2023
The attacker used the function to remove SafeMoon’s native token, SFM, from the project’s WBNB liquidity pool, which caused the price of SFM to increase artificially.
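The effect described above, as an added Python model that is not SafeMoon's contract code: a burn function with no caller check is compared with one that only lets a holder burn its own balance. The Token class, the account names, the balances and the reserve-ratio pricing are assumptions made for illustration.

```python
# Simplified model, constructed for illustration; not SafeMoon's contract code.
class Unauthorized(Exception):
    pass

class Token:
    def __init__(self, balances):
        self.balances = dict(balances)

    def burn_public(self, caller, holder, amount):
        # Flawed pattern described in the article: nothing ties caller to holder.
        self._burn(holder, amount)

    def burn_checked(self, caller, holder, amount):
        # Corrected pattern: a caller may only burn its own balance.
        if caller != holder:
            raise Unauthorized(f"{caller} may not burn tokens held by {holder}")
        self._burn(holder, amount)

    def _burn(self, holder, amount):
        if amount <= 0 or self.balances.get(holder, 0) < amount:
            raise ValueError("invalid burn amount")
        self.balances[holder] -= amount

def spot_price(wbnb_reserve, sfm_reserve):
    # Assumed pricing model: WBNB per SFM is the ratio of the pool's holdings.
    return wbnb_reserve / sfm_reserve

def simulate(burn_name):
    # Constructed balances; "pool" stands in for the SFM:WBNB pool address.
    sfm = Token({"pool": 1_000_000, "outsider": 0})
    wbnb_in_pool = 100
    before = spot_price(wbnb_in_pool, sfm.balances["pool"])
    try:
        getattr(sfm, burn_name)("outsider", "pool", 900_000)
        rejected = False
    except Unauthorized:
        rejected = True
    after = spot_price(wbnb_in_pool, sfm.balances["pool"])
    return before, after, rejected

if __name__ == "__main__":
    for name in ("burn_public", "burn_checked"):
        before, after, rejected = simulate(name)
        print(f"{name}: price {before:.6f} -> {after:.6f}, rejected={rejected}")
```

With the unchecked burn, an account holding no SFM shrinks the pool's SFM balance and the quoted price rises tenfold; with the check in place the call is rejected and the price is unchanged.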