0
0
News

Pump.fun Hit for $2M in Flash Loan Exploit

Solana's buzzy memecoin launcher hit with attack.
0
0
May 16, 20241 min read

Pump.fun, a buzzy Solana memecoin launcher with huge levels of activity levels recently, paused operations after suffering a flash loan attack that resulted in an estimated loss of 12.3k SOL (~$2M). 

What’s the scoop?

  • Former Pump.fun employee staccoverflow has claimed responsibility for the attack, citing personal anguish and contempt for his previous bosses. 
  • The exploit involved a private key compromise and flash loans of SOL borrows via marginfi to manipulate Pump.fun’s memecoin bonding curves, followed by withdrawing liquidity meant for Raydium pools. 
  • While loss estimates ranged from ~$300k to ~$80M amid the initial chaos, Wintermute’s head researcher Igor Igamberdiev has now pegged the total loss as at least $2M

Bankless take:

Pump.fun is currently the memecoin capital of Solana, and lately it’s seemed unstoppable. That said, this attack, while far from devastating, certainly takes some wind out of the platform’s sails. However, it seems likely the token launcher can rebound fast.

Across the two days preceding the exploit, Pump.fun generated $1.9M worth of revenues or 95% of the total losses of the attack. It’s not a desirable situation to be in, but the team has the resources to make its users whole. All in all, the episode is a reminder of the potential risks around the crypto frontier and the importance of private key security. The Pump.fun team dropped the ball in a big way here, so watch for how they respond in the days ahead. 

Not financial or tax advice. This newsletter is strictly educational and is not investment advice or a solicitation to buy or sell any assets or to make any financial decisions. This newsletter is not tax advice. Talk to your accountant. Do your own research.

Disclosure. From time-to-time I may add links in this newsletter to products I use. I may receive commission if you make a purchase through one of these links. Additionally, the Bankless writers hold crypto assets. See our investment disclosures here.

Published in Bankless

There’s a revolution in the world of money. Ethereum, Bitcoin, crypto, open finance, DeFi—a bankless revolution. And you want part of it.

Are you sure you want
to log out?
You'll lose access to your Bankless account until you log back in again. Oh and also, we'll miss you too much! 😢
Cancel
Continue
Account Light mode Log Out