It is suspected that a new Safemoon contract upgrade may have introduced “a public burn bug,” which enabled the hacker to remove a large amount of SFM tokens from “Safemoon-WBNB Liquidity Pool.” By doing this, the hacker artificially inflated the price of SFM and sold back the tokens into the same liquidity pool, to drain $8.9 million in WBNB. “To the SAFEMOON community: We want to inform you that our LP has been compromised,” the team confirmed the attack. “We are taking swift action in an attempt to resolve the issue as soon as possible.”
Safemoon’s Hacker Willing to Return Stolen Funds
Hours after the incident, the hacker sent on-chain messages to Safemoon Deployer address, asking to set up a secure communication channel for talks about returning the fund. “Hey relax, we are accidently frontrun an attack against you, we would like to return the fund, setup secure communication channel , lets talk,” the messages reads. “Lets discuss the detail, please send a message from same address containing your email address, and contact us by email.” A similar scenario happened with Euler Finance, which saw more than $196 million in cryptocurrency stolen earlier this month. In an on-chain message, the hacker showed a willingness to return the funds, adding that they had “no intention of keeping what is not ours.” The hacker returned 51,000 ETH worth around $89 million to Euler Finance last week. So far, over $176 million of the stolen funds have been returned, according to reports. At the time of writing, SFM is down 23% to $0.00019077 in the last 24 hours.
