Four.Meme Resumes Operations After $120,000 Sandwich Attack

Four.Meme, a memecoin launch platform operating on the BNB Chain, has resumed its operations following a significant security breach. The platform was targeted in a sandwich attack, a market manipulation technique, which resulted in the theft of approximately $120,000. The attack exploited a pre-launch vulnerability in the platform's system, allowing the attacker to manipulate the market and siphon off funds.

The incident was first reported on March 18, when Four.Meme announced the suspension of its launch function due to an ongoing attack. The platform's team conducted a thorough security inspection and addressed the issue, reinforcing the system's security measures. In a subsequent update, Four.Meme confirmed that the launch function had been resumed and that compensation for affected users was underway.

Web3 security firm ExVul provided insights into the attack, stating that the exploit involved pre-calculating the address for creating the liquidity pool’s trading pair. The attacker utilized one of the platform’s functions to purchase tokens, successfully bypassing Four.Meme’s token transfer restrictions. ExVul noted that the attacker then waited for Four.Meme to add liquidity to the transaction, ultimately siphoning off the funds.

CertiK, another blockchain security firm, corroborated ExVul's findings. According to CertiK, the attacker transferred an imbalanced amount of un-launched tokens to pair addresses before the pair was created. This manipulation allowed the attacker to sell the tokens at launch for profit. In the case of the SBL token, the attacker sent a small amount of SBL tokens to the pre-calculated pair address in advance and profited 21.1 BNB by sandwiching the add liquidity transaction at launch.

The total amount stolen in the attack was at least 192 BNB, worth approximately $120,000. The stolen funds were subsequently sent to the decentralized crypto exchange FixedFloat. This incident marks the second time Four.Meme has been targeted in as many months, with a previous exploit on February 11 resulting in the loss of about $183,000 worth of digital assets.

This latest incident underscores the ongoing challenges faced by the crypto industry in securing its platforms against sophisticated attacks. The broader crypto industry has also seen significant losses due to scams, exploits, and hacks. The increasing sophistication of these attacks highlights the need for enhanced security measures and vigilance within the industry.