The unusual circumstances of the attack puzzle even experts.
The SafeMoon token liquidity pool lost $8.9 million after an unknown hacker took advantage of the newly added “burn” smart contract feature. Abusing it artificially inflated the price of the SFM cryptocurrency, allowing members to sell it at a much higher profit.
Liquidity pools on DeFi platforms are large deposits of cryptocurrencies that facilitate trading, provide market liquidity, and generally allow exchanges to function without borrowing currency from third parties.
Yesterday, SafeMoon confirmed the incident on its Twitter account and stated that it is currently working on a solution to the problem.
SafeMoon CEO John Karony said the attack occurred on Tuesday, March 28 and affected the SFM:BNB liquidity pool, but not the platform's entire exchange. “We discovered the alleged exploit, fixed the vulnerability, and engaged a network forensics consultant to determine the exact nature and extent of the exploit. Users need to be sure that their tokens remain safe. I want to assure you that other DEX pools were not affected,” SafeMoon’s director said in a statement.
Blockchain security experts at PeckShield have shared more details about the vulnerability the hacker used to rob SafeMoon. According to PeckShield, a recent update to the SafeMoon platform introduced a new smart contract feature called “burn” that allows tokens to be “burned”. In itself, “burning tokens” is a completely normal and legitimate process on crypto platforms. But in the case of SafeMoon, the feature was erroneously set to be public with no restrictions, allowing anyone on the platform to take advantage of it.
SafeMoon's director had previously said that “burning” would only be used in emergencies, for example when the liquidity pool faces risks due to malicious smart contracts, excessive slippage and other issues. The attacker instead used the feature in his own interests, burning a large number of SafeMoon tokens at once, as a result of which the price of the token rose sharply.
As soon as the price rose, SafeMoon's cryptocurrency was sold from another address at a manipulated price, allowing nearly $9M to be siphoned out of SafeMoon:WBNB's liquidity pool.
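A simplified Python model of the failure described above, added here as an illustration and not SafeMoon's or PeckShield's code. It assumes a `burn` that can reduce any holder's balance (the pool's included) and a constant-product pool whose spot price is the BNB reserve divided by the token reserve; all names and numbers are constructed.

```python
class Unauthorized(Exception):
    """Raised when a caller without burn rights calls burn()."""


class Token:
    def __init__(self, owner, balances, restrict_burn):
        self.owner = owner
        self.balances = dict(balances)
        # False models the misconfiguration: burn is public with no restrictions.
        self.restrict_burn = restrict_burn

    def burn(self, caller, holder, amount):
        # Hardened form: only the owner, or the holder burning its own
        # tokens, may reduce a balance.
        if self.restrict_burn and caller not in (self.owner, holder):
            raise Unauthorized(f"{caller} may not burn from {holder}")
        if amount <= 0 or amount > self.balances.get(holder, 0):
            raise ValueError("invalid burn amount")
        self.balances[holder] -= amount


def spot_price(token, pool, bnb_reserve):
    # Assumption: the pool's token balance is its token reserve, so
    # price (BNB per token) = BNB reserve / token reserve.
    return bnb_reserve / token.balances[pool]


def run(restrict_burn):
    """Return (price_before, price_after, blocked) for one burn attempt."""
    token = Token("owner", {"pool": 1_000_000, "user": 1_000}, restrict_burn)
    bnb_reserve = 1_000.0  # constructed sample reserve
    before = spot_price(token, "pool", bnb_reserve)
    try:
        # An ordinary participant tries to burn from the pool's balance.
        token.burn(caller="user", holder="pool", amount=900_000)
        blocked = False
    except Unauthorized:
        blocked = True
    after = spot_price(token, "pool", bnb_reserve)
    return before, after, blocked


if __name__ == "__main__":
    for restricted in (False, True):
        before, after, blocked = run(restricted)
        print(f"restricted={restricted} blocked={blocked} "
              f"price {before:.4f} -> {after:.4f}")
```

The `run(True)` case doubles as a regression check: an access-control test of this kind on every privileged function is what catches a burn that was left public.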
Funnily enough, a few hours after the attack, the person who converted SafeMoon to BNB stated that he did not do it with malicious intent, but “accidentally got ahead of the curve” after the price became artificially high due to the use of the “burn” function. Allegedly, someone else burned the tokens, and this person just managed to make a profitable deal.
“Hey, relax, we accidentally launched an attack against you and would like a refund. Let's set up a secure communication channel and talk,” says a comment added to the transaction.
At the time of writing, the cryptocurrency “thief” had transferred about 4,000 Binance coins (BNB) worth $1.2 million to another address, which corrected the SFM rate for the better. If this attack really was an accident or a simple “prank”, all the currency “pumped out” of the SafeMoon liquidity pool will soon be returned, and the incident can be forgotten.
Nevertheless, SafeMoon drew an important lesson from this situation and carefully checked whether the platform code contains any other errors that give ordinary participants in the crypto exchange access they should never have. The owners of other DeFi platforms will probably soon carry out the same checks so as not to repeat the same mistake.