Pump.fun Exploited by Former Employee STACCoverflow, $1.9M Stolen, Raydium Listing Stuck

May 16, 2024, 07:17 PM

Pump.fun, a Solana-based memecoin platform, was exploited by a former employee using flash loans, resulting in the misappropriation of approximately $1.9 million worth of Solana (12.3K SOL). The exploit involved the attacker using compromised private keys to manipulate the bonding curves of tokens, effectively zeroing out other token holders. Initial reports suggested losses up to $80 million, but these were later clarified to be significantly lower. The platform has paused trading and upgraded its smart contracts to prevent further exploits. The team has assured users that their funds are safe and that trading will resume within the next seven days. The exploit affected as many as 1,882 wallets, and the Raydium listing was stuck due to the attack. The attacker, identified as STACCoverflow, used flash loans to buy out the bonding curve.