SafeMoon, a decentralized finance project that was charged with security rule violations and fraud by the United States Securities and Exchange Commission (SEC), has stated that it is diligently investigating recent developments and will work to resolve the matter as soon as possible.
As per a declaration published by the project on X (previously Twitter), its teams continue to demonstrate steadfast dedication to user service, the progression of the project’s overarching vision, and the pursuit of its mission.
In March, an exploitation of SafeMoon caused BNB to incur a net loss of $8.9 million.
The funds associated with the security compromise have been circulating on centralized exchanges, and Match Systems, a firm specializing in blockchain analysis, hypothesizes that these transactions may have substantial implications for law enforcement agencies.
Match Systems conducted an analysis that revealed that the assailant exploited a susceptibility in the smart contract of SafeMoon about the “Bridge Burn” function.
This vulnerability allowed the “burn” function for SafeMoon (SFM) tokens to be executed at any given address.
The perpetrators initiated the transfer of 32 billion SFM tokens from the liquidity pool address of SafeMoon to the deployer address of SafeMoon, resulting in an exponential rise in the value of the tokens.
The exploiter transferred 27,380 BNB to the hacker’s address by exchanging SFM tokens for BNB at an inflated rate, capitalizing on the price increase.
The analysis conducted by Match System established that the smart contract vulnerability was not present in the prior iteration and was introduced on March 28, the day of the exploit, with the release of the new update.
This has generated concerns regarding the possibility of internal participation.
The assailant initially claimed to have inadvertently exploited the protocol and conveyed their intention to establish a channel of communication to retrieve 80% of the funds.