SafeMoon, a project previously endorsed by A-list celebrities and social influencers such as Jake Paul and Soulja Boy, announced its liquidity pool (LP) was compromised. Without revealing further details about the attack, SafeMoon confirmed undertaking steps “to resolve the issue as soon as possible.”
Just like many other crypto projects in 2021, SafeMoon was backed by numerous celebrities. However, a lawsuit from Feb. 2022 alleged that musicians such as Nick Carter, Soulja Boy, Lil Yachty and YouTubers Jake Paul and Ben Phillips mimicked real-life Ponzi schemes by misleading investors to purchase SafeMoon (SFM) tokens under the pretext of unrealistic profits.
Jake Paul promoting SafeMoon token in 2021. Source: TwitterInvestigating the SafeMoon hack shows that the attacker made away with approximately 27,000 BNB (BNB), worth $8.9 million. SafeMoon has not yet responded to Cointelegraph’s request for comment. Moreover, users have been barred from posting comments on the announcement that revealed the LP compromise.
Blockchain investigator Peckshield narrowed the problem to a recent software upgrade as a potential culprit that introduced the bug. A public burn() function introduced in the latest upgrade allegedly allows users to burn tokens from other addresses.
As explained by community member DeFi Mark, the attacker used the vulnerability to remove SFM tokens, causing an artificial spike in the token’s price. The attacker took advantage of the situation and sold off the tokens at an inflated price.