Four.Meme, a memecoin launchpad on the BNB Chain, has been hit by a $200,000 exploit, leading the platform to suspend its Liquidity Provider (LP) on PancakeSwap. The team confirmed the attack on February 11, assuring users that measures were being taken to mitigate further risks while maintaining on-chain trading.
Attack Confirmation and Response
After detecting the malicious exploit, Four.Meme halted its token LP to prevent further financial damage. Despite the breach, the team emphasized that its internal funds remain secure and committed to keeping the community informed as the situation unfolds.
This security incident comes as the platform gains traction, primarily due to the unexpected surge of the Test (TST) token. Initially created for an educational video, TST skyrocketed by 10,000% following a social media post from former Binance CEO Changpeng Zhao, eventually securing a listing on Binance.
How the Attack Happened
According to Web3 security firm CertiK, the attacker exploited vulnerabilities in multiple unverified contracts, siphoning off approximately $200,000 in assets. Another security firm, PeckShield, estimated the loss at around 287 BNB, equivalent to roughly $183,000.
SlowMist, a blockchain security firm, further analyzed the attack and identified liquidity manipulation as the primary technique. The attacker leveraged a front-running strategy by creating a fraudulent liquidity pool on PancakeSwap V3 before the token launch. By setting an artificial token price, the attacker manipulated liquidity distribution, enabling asset drainage upon token migration.
A major security oversight in Four.Meme’s protocol was the lack of a verification mechanism for liquidity pool prices before deposits. This vulnerability left the system exposed to price distortions and liquidity drains.
Security Concerns and Future Implications
SlowMist’s founder, Yu Xian, highlighted the exploit as a result of weak security measures. He warned that unless platforms implement rigorous verification processes, similar loopholes will continue to be exploited.
As Four.Meme works toward resolving the issue, the incident raises concerns about security vulnerabilities in memecoin projects, emphasizing the need for stronger preventive measures in DeFi ecosystems.
