Earlier today, on-chain records showed that Safemoon, a BNB chain-based exchange, was compromised, leading to the draining of nearly $9 million from its liquidity pool.
In a tweet addressed to the Safemoon community, the exchange confirmed the LP’s compromise and assured them that prompt action was being taken to address the issue.
According to BscScan, approximately $9 million worth of assets were transferred out of the liquidity pool.
Security firm Peckshield said a recent update may have introduced a “public burn bug,” which enabled the hack.
The hacker used a code function to increase the price of SFM tokens artificially and then sold enough tokens back to the liquidity pool in the same transaction, effectively draining WBNB from the contract. Peckshield confirmed this.
Peckshield stated, “By exploiting the public mint bug, the actor can burn most SFM tokens in the pair, which increases the SFM price. With that, the actor basically buys SFM initially, then exploits the public mint bug to increase the SFM price, and eventually sells SFM with a profit of over $8.9 million.”