The United States Securities and Exchange Commission (SEC) has recently alleged fraud and violations of security rules against the decentralized financial project, SafeMoon. The allegations come in the wake of a significant system flaw exploitation that occurred in March, resulting in a hefty loss of 8.9 million BNB (Binance Coin) from the ledger. The digital assets associated with the security breach have been routed through centralized exchanges, shedding light on potential legal ramifications.
The SEC’s allegations have resonated within the SafeMoon community, prompting an official response from the project. On November 2, 2023, SafeMoon took to Twitter to address the concerns, stating, “We are reviewing the recent news and we of course take these issues extremely seriously. As we receive more information, we will do our best to address the situation as quickly as possible. In the meantime our teams continue to build and we keep our focus on delivering for our users, building our vision and moving forward on our mission.”
Blockchain analysis firm Match Systems delved into the technicalities of the breach, pinpointing a vulnerability tied to SafeMoon’s “Bridge Burn” feature in its smart contract. The flaw enabled malicious actors to execute the “burn” function on SafeMoon (SFM) tokens at any address arbitrarily. The exploitation unfolded as 32 billion SFM tokens were transferred from SafeMoon’s liquidity pool to its deployer’s address, triggering a sharp surge in token value. The perpetrators capitalized on this spike by trading SFM tokens for BNB at inflated rates, accruing 27,380 BNB to the hacker’s address.
The inquiry by Match Systems unveiled that the vulnerability was not inherent but emerged with a software update on March 28. This date coincides with the exploit, fostering suspicions of insider involvement. The assailant, proclaiming an accidental protocol breach, has expressed intentions to establish communication for returning 80% of the purloined funds.
Image source: Shutterstock