Pump.fun, a Solana-based memecoin creation platform, has accused a former employee of exploiting its systems and conducting a bonding curve attack.
On May 16, pump.fun reported that the ex-employee used their privileged position to access the platform's "withdraw authority" to compromise its internal operations.
This breach resulted in approximately $1.9 million in Solana (SOL) being stolen from the $45 million held in pump.fun’s bonding curve contracts.
After temporarily pausing trading, pump.fun has since resumed operations and assured users that its smart contracts remain secure. The platform has promised affected users that they will receive "100% of the liquidity" they previously had within the next 24 hours.
The attack involved the use of flash loans from the Solana lending protocol Raydium to borrow Solana tokens. The attacker then used these tokens to purchase as many coins as possible on pump.fun. Once the coins reached their maximum bonding curve value, the exploiter accessed the liquidity and repaid the flash loans.
Igor Igamberdiev, head of research at the algorithmic trading firm Wintermute, suggested that the exploit was caused by an internal private key leak and suspected X user @STACCoverflow to be involved.
In a series of cryptic posts, @STACCoverflow admitted to being behind the exploit, citing his "horrible bosses" as part of the reason and stating that the stolen funds would be given to token and NFT holders of the Solana community.
In other posts, @STACCoverflow exposed his full name and showed his face, adding that he did not care about revealing his identity as he had already been doxxed.
This incident underscores the vulnerabilities within DeFi platforms, especially when internal security measures are compromised.
Another exploit that recently hit the crypto industry involved two brothers who allegedly manipulated the Ethereum blockchain and stole $25 million.