SafeMoon’s liquidity pool compromised; public burn bug to blame
The amount of funds stolen as a result of the exploit is still unknown.
The liquidity pool (LP) for the DeFi project SafeMoon has been compromised, according to a statement from the project on Twitter on March 28.
SafeMoon LP compromised
SafeMoon said it is taking steps to resolve the issue but gave few other details on the matter. SafeMoon CEO John Karony (aka Captain Hodl) also retweeted the project’s initial statement on his personal Twitter account without further comment.
Though SafeMoon has not disclosed the cause of the incident, others have commented on the matter. Security firm PeckShield said that a contract upgrade introduced a public burn bug — seemingly allowing anyone to destroy tokens. PeckShield said that the upgrade was initiated by the deployer contract and suggested the possibility of an admin key leak.
It is unclear how much cryptocurrency — if any — has been stolen or recovered.
The compromise comes at an inopportune time: SafeMoon recently promoted its security product, Orbital Shield. Though the issue does not seem to be related directly to Orbital Shield, the incident may not inspire confidence in the project’s wider security efforts.
SafeMoon’s native token (SFM) has been slightly affected by the news. The token’s value was down 4.86% over the past 24 hours as of 11:45 p.m. UTC.
SafeMoon plagued by controversy
SafeMoon is a DeFi-focused project that aims to offer investors a way to earn interest on their investment through redistribution, LP acquisition, and token burns.
The project came under fire in 2022 following criticism from Coffeezilla. The YouTube host alleged that the project’s former CEO, known only as “Kyle,” had committed fraud. Coffeezilla also alleged that current CEO John Karony had stolen from the project. SafeMoon’s former CTO had previously responded to Coffeezilla’s earlier claims.
SafeMoon has also been targeted by numerous class action lawsuits, which have variously accused the project of being a pump-and-dump scheme and violating securities laws. The project’s SFM token saw a sudden price surge in November 2022 when one of those lawsuits was dropped, though those gains proved to be extremely short-lived.
As a result, SafeMoon has been plagued by controversy for much of its existence, and its SFM token has lost most of its value since its all-time high in March 2022.
Note: This article was updated to include details from PeckShield.