SafeMoon, a decentralized finance (DeFi) token, has been hacked for roughly $8.9 million, according to reports. The cybercriminal exploited a newly created “burn” feature in SafeMoon’s smart contract, artificially pumping the token’s price to a hyperbolic value.
When a cryptocurrency has a massive number of coins in circulation, it requires unrealistically large market caps in order to grow in price. Burning is a mechanic added to “altcoins” that allows them to reduce the number of coins in circulation, thus artificially boosting the price of the coin without having to raise its market cap by garnering more investors. This is also usually done to convince those who have already invested in the coin that the price will continue to rise unrealistically.
The flawed feature was designed to allow users to burn their own tokens, but the hacker manipulated the code to gain unrestricted access. This led to the token’s price skyrocketing, enabling the attacker to sell a significant portion of the tokens at an inflated value.
In response to the incident, SafeMoon’s CEO, John Karony, confirmed the hack and stated that the company has already located the suspected exploit, patched the vulnerability, and is engaging a chain forensics consultant to determine the precise nature and extent of the exploit.
“Users should be assured that their tokens remain safe. I want to assure you that the other LP pools on the DEX have not been affected, and nor have any of our upcoming upgrades and releases,” Karony added.
SafeMoon has faced rugpull allegations before, amidst steep drops in price. In this case, researchers have expressed skepticism about a gesture of goodwill made by the second wallet owner, who transferred 4,000 Binance Coins worth $1,261,972.52 at the time of writing the following message:
“Hey relax, we are accidently frontrun an attack against you, we would like to return the fund, setup secure communication channel , lets talk,”
Whether or not the money is able to be recovered is yet to be known.