The Crypto Krew
Copyright 2025 - All Right Reserved
Home » Memecoin Launcher Pump.Fun Claims Ex-Employee Behind $1.9M Exploit
Blockchain

Memecoin Launcher Pump.Fun Claims Ex-Employee Behind $1.9M Exploit

by Terron Gold
written by Terron Gold 0 comments

Solana memecoin creation tool pump.fun has claimed a former employee exploited the firm for nearly $2 million through a “bonding curve” attack. The ex-employee used their “privileged position” to access a “withdraw authority” and compromise the protocol’s internal systems, pump.fun alleged in a May 16 X post.

About $1.9 million was stolen from the total $45 million held in pump.fun’s bonding curve contracts. The platform temporarily paused trading but it is now back up and running. The pump.fun smart contracts “are safe,” and users impacted by the incident will receive “100% of the liquidity” that it previously had within the next 24 hours, pump.fun said.

Prior to pump.fun’s post, Igor Igamberdiev, the head of research at cryptocurrency market maker Wintermute, claimed the hack came about from an internal private key leak, which he suspected to be X user “STACCoverflow.”
 
In a series of cryptic X posts, STACCoverflow claimed they were “about to change the course of history. n [sic] then rot in jail.” They added in a separate post they “do not care, I am already fully doxxed.”
 
In an earlier X post, pump.fun said  it has been collaborating with law enforcement. It did not name the former employee and did not immediately respond to a request for comment.
 
The alleged exploiter used flash loans on a Solana lending protocol Raydium to borrow Solana’s SOL, token which was then used to “buy as many coins” as possible, pump.fun said.
 
Once the coins hit 100% on their respective bonding curves, the exploiter could then access the bonding curve liquidity and repay the flash loans.

Approximately 12,300 SOL, worth $1.9 million, was stolen in the attack, which pump.fun sai occurred between 3:21 pm and 5:00 pm UTC on May 16.

The Solana Memecoin Launchpad said users impacted between these hours would recover 100% or more of the liquidity held prior to the attack.

You Might Be Interested In

You may also like

AWS Outage Exposes Crypto Industry’s Vulnerability to Centralized...

Cardano Founder Charles Hoskinson, Announces Midnight Airdrop For...

Hedera integrates Chainlink Oracle For Cross-Chain Interoperability

Ripple to Acquire Prime Broker Hidden Road for...

BNY Starts Feeding Digital Asset Reserve Accounting to...

WisdomTree Launches Funds on more Blockchains as Tokenized...

THE CRYPTO KREW
THE ATLANTA BLOCK CHAIN CENTER
Stand With Crypto

Subscribe

Subscribe our newsletter for latest news, service & promo. Let's stay updated!

Copyright 2024 The Crypto Krew – All Right Reserved. Designed and Developed by Track 7 Media

Instagram Facebook X-twitter Youtube Tiktok Threads

This website uses cookies to improve your experience. To read more or opt here visit the privacy policy. Accept Read More