SafeMoon addresses recent exploits amid SEC charges
cointelegraph.com 18 h
The decentralized finance project SafeMoon, which was charged by the United States Securities and Exchange Commission (SEC) for security rules violations and fraud, has said that it is closely examining the recent developments and will work to resolve the situation promptly.
According to a statement made by the project on X (formerly Twitter), its teams are actively developing and remain committed to serving users, advancing the project’s vision, and pursuing its mission.
SafeMoon was exploited in March, resulting in a net loss of $8.9 million in BNB. The capital linked to the security breach has been shifting through centralized exchanges (CEXs), and blockchain analysis company Match Systems suggests that these transactions may hold significant relevance for law enforcement authorities.
We are reviewing the recent news and we of course take these issues extremely seriously.
As we receive more information, we will do our best to address the situation as quickly as possible.
In the meantime our teams continue to build and we keep our focus on delivering for…
— SafeMoon (@safemoon) November 2, 2023
According to an analysis by Match Systems, SafeMoon smart contract, the attacker took advantage of a vulnerability in SafeMoon’s contract related to the “Bridge Burn” feature, enabling the execution of the “burn” function for SafeMoon (SFM) tokens at any address.
The exploiters’ action entailed transferring 32 billion SFM tokens from SafeMoon’s liquidity pool address to SafeMoon’s deployer address, causing a rapid increase in token value. Leveraging the price surge, the exploiter exchanged some SFM tokens for BNB at an inflated rate, resulting in a transfer of 27,380 BNB to the hacker’s address.
Match System’s analysis determined that the smart contract vulnerability was absent in the previous version and was introduced with the new update released on March 28, coinciding with the day of the exploit. This has raised suspicions of potential insider involvement.
The individual responsible for the attack initially stated that they accidentally exploited the protocol and expressed a desire to establish a means of communication to return 80% of the funds. Subsequently, the funds associated with the exploits have undergone multiple transfers through centralized exchanges such as Binance. Match Systems believes these transfers could be vital for law enforcement agencies to trace and apprehend the exploiters.
Magazine: Huawei NFTs, Toyota’s hackathon, North Korea vs. Blockchain: Asia Express