HomeCrypto NewsSolana: A $2 million hack hits the Pump Fun platform

Solana: A $2 million hack hits the Pump Fun platform


A flash loans and then goes. Clearly, this week is bloody for decentralized finance. A few days ago, 2 different protocols were hacked in the same day. Now, the pump.fun platform hosted on Solana has been the target of an attack. Let’s look back at how this incredible affair unfolded.

$2 million stolen from Pump.fun

Pump.fun is a platform that allows you to create and launch tokens on Solana in one click. This quickly became the haunt of people looking for the next memecoin nugget. The enthusiasm around the platform is such that it generates around a million dollars in fees every day.

Unfortunately, on the afternoon of May 16, many observers have noted suspicious transactions on the Pump.fun platform.

Quickly, the hack theory was favored and several estimates emerged, ranging from a few hundred thousand to 8 million dollars.

Finally, around 7 p.m., the Pump.fun teams have confirmed the attack on the social network.

The Pump.fun teams confirm the hack

“We are aware that Pump.fun’s bonding curve contracts were compromised and we are investigating the matter. We have updated contracts so that the attacker can no longer siphon funds. The TVL currently in the protocol is secure. »

To ensure the safety of the remaining funds, trading has been disabled on the platform.

At the same time, the head of research for Wintermute, Igor Igamberdiev revealed that 12,300 SOL had been stolen. Which is equivalent to approximately 2 million dollars at the current price.

Details of the attack

Early this morning, the Pump.fun teams published a postmortem reviewing the progress of the attack.

Thus, we learn that the attack was led by a former employee. The latter allegedly took advantage of his position in the company to illicitly access the withdrawal authority over the platform’s contracts. In other words, this allows the attacker to interact directly with contracts without going through the usual control or approval mechanisms.

He then used a flash loan to borrow a large quantity of SOL. With these SOLs, the hacker massively purchased tokens created on the Pump.fun platform. The objective is to reach 100% of their bonding curve. As a reminder, this curve determines the relationship between the quantity of tokens in circulation and their price.

Once 100% was reached, the hacker was able to access token liquidity and siphon off pools.

Once the attack was over, he was able to repay the flash loan he had initially taken out.


Finally, the pump.fun teams announced a compensation for users impacted by the attack. Thus, all tokens which have reached 100%, namely those which have been hacked, will be put back online with all the liquidity they had before the attack.

In addition, platform fees will be lowered to 0% for one week to compensate the entire community.

This event will perhaps shed light on the Solana memecoin ecosystem. Indeed, after a significant boom at the start of the year, the craze for these memecoins has largely declinedparticularly with regard to the risk this implies.


Please enter your comment!
Please enter your name here


Solana (SOL) price leads the crypto market in the last week

The cryptocurrency market has seen a large rally in recent hours, with Bitcoin surpassing the $67,000 barrier....

How the tax reform in Argentina would impact cryptocurrency users

Key facts: The reforms would benefit thousands of cryptocurrency users in taxes. Taxes on personal property, profits and monotribute could have modifications. This...

El Salvador and Kazakhstan join forces to expand the use of bitcoin

Key facts: They want to improve “cooperation, assistance and facilitation” of information exchange. El Salvador has already become a reference for the...

Most Popular