Pump.fun, a Solana-based memecoin creation platform, has accused a former employee of exploiting its systems and conducting a bonding curve attack.
On May 16, pump.fun reported that the ex-employee used their privileged position to access the platform’s “withdraw authority” to compromise its internal operations.
This breach resulted in approximately $1.9 million in Solana (SOL) being stolen from the $45 million held in pump.fun’s bonding curve contracts.
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe – We publish new crypto explainer videos every week!
After temporarily pausing trading, pump.fun has since resumed operations and assured users that its smart contracts remain secure. The platform has promised affected users that they will receive “100% of the liquidity” they previously had within the next 24 hours.
The attack involved the use of flash loans from the Solana lending protocol Raydium to borrow Solana tokens. The attacker then used these tokens to purchase as many coins as possible on pump.fun. Once the coins reached their maximum bonding curve value, the exploiter accessed the liquidity and repaid the flash loans
Igor Igamberdiev, head of research at the algorithmic trading firm Wintermute, suggested that the exploit was caused by an internal private key leak and suspected X user @STACCoverflow to be involved.
In a series of cryptic posts, @STACCoverflow admitted to being behind the exploit, citing his “horrible bosses” as part of the reason and stating that the stolen funds would be given to token and NFT holders of the Solana community.
In other posts, @STACCoverflow exposed his full name and showed his face, adding that he did not care about revealing his identity as he had already been doxxed.
This incident underscores the vulnerabilities within DeFi platforms, especially when internal security measures are compromised.
Another exploit that recently hit the crypto industry involved two brothers who allegedly manipulated the Ethereum blockchain and stole $25 million.
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.