Pump.frenzy Attacker Admits He Intended to ‘Terminate’ Solana Meme Coin Launcher
Pump.frenzy, a well-known platform for launching meme coins on Solana, experienced a security breach on Thursday that resulted in the compromise of its protocol. As a result, the leadership of Pump.frenzy temporarily shut down the site. Meanwhile, the attacker responsible for the incident openly gloated about it online.
The attack specifically targeted bonding curve contracts, which are responsible for transferring liquidity of tokens created on Pump.frenzy to the Solana decentralized exchange, Raydium. Some experts analyzing the situation concluded that the attacker used a private key that only an employee of Pump.frenzy would have access to, to divert funds designated for Raydium to unrelated wallets.
Igor Igamberdiev, head of research at crypto market maker Wintermute, estimated that the attacker seized at least $2 million worth of SOL using this exploit. However, in a surprising twist, the attacker immediately began distributing the stolen funds to random wallet addresses. Solana token holders and NFT owners became involuntary recipients of the Pump.frenzy loot.
Just minutes after the attack, a Twitter account linked to a former Pump.frenzy employee claimed responsibility for the incident. The account user posted extensively, displaying erratic behavior and expressing a lack of fear about imprisonment, acknowledging that their identity had been exposed.
The Twitter account stated, “Everybody be cool, this is robbery. I’m about to change the course of history and then rot in jail. Am I sane? Nah. Am I well? Very much not. Do I want for anything? My mom raised me from the dead.” The account proceeded to retweet posts from grateful crypto users who received portions of the stolen funds through the attacker’s airdrops.
Decrypt reached out to the self-proclaimed attacker for more information regarding the exploit and their motivations. The attacker responded with a cryptic message, saying, “The threads are there, dig deeper.” Following the attack, Pump.frenzy announced a temporary pause in trading and stated their intention to cooperate with law enforcement, as the attacker is reportedly from Canada.
In a Twitter Spaces session, the self-proclaimed attacker claimed to have been employed by Pump.frenzy for a few weeks and criticized the company’s management, citing personal grievances. When asked why they committed the theft, the attacker bluntly replied, “I just kind of wanted to kill Pump.frenzy because it’s something to do. It has inadvertently harmed people for a long time.”
Decrypt attempted to verify if the self-proclaimed attacker had indeed worked for Pump.frenzy previously but did not receive an immediate response. While Pump.frenzy has witnessed significant trading volume amid the meme coin craze in the cryptocurrency market, it has also faced criticism for promoting the speculative and gambling-focused side of crypto.
The self-proclaimed attacker asserted that he observed Pump.frenzy heading towards its demise and believed he hastened its downfall. One attendee of the Twitter Spaces session asked the attacker if he expected to go to prison for his actions, to which he replied, “I’m pretty sure there’s a fairly high chance of that.”
Edited by Andrew Hayward