Four.Meme Hacked: $200K Stolen – Liquidity Pool Exploited on BNB Chain!

Photo of author

By Maxwell Reed

Four.Meme, a memecoin launchpad operating within the BNB Chain ecosystem, has recently taken its liquidity pool services offline on PancakeSwap. This action follows the detection of a security exploit targeting its system.

The platform’s team acknowledged the security compromise on February 11th and has notified users that they are actively implementing corrective measures. As a precaution, Four.Meme has temporarily suspended the token liquidity pool, although on-chain trading functionality remains fully operational.

Despite the security incident, Four.Meme has assured its community that internally held funds are secure. The team is actively monitoring the situation and has committed to providing ongoing updates as developments unfold.

This incident occurs as Four.Meme gains increasing recognition, largely fueled by the unexpected success of its Test (TST) token. Initially designed for educational demonstration purposes, TST experienced a significant price surge, reportedly increasing in value by 10,000% after a prominent social media endorsement from a former Binance executive. The token’s subsequent popularity resulted in its listing on a major cryptocurrency exchange.

Significant Financial Impact

Cybersecurity experts at the Web3 security firm CertiK have reported that the security breach enabled an attacker to compromise approximately $200,000 worth of assets by exploiting vulnerabilities present in several unverified smart contracts. Concurrently, PeckShield, another well-regarded security firm, has estimated the amount stolen at roughly 287 BNB, which equates to nearly $183,000, although figures vary slightly.

Further investigation conducted by SlowMist, a blockchain security company, revealed that the attacker manipulated liquidity using a front-running strategy. By preemptively establishing a pool on PancakeSwap V3 ahead of the official token launch, the malicious actor was able to manipulate the initial token price. Upon the official launch and integration into PancakeSwap, this deceptive pool had a disproportionate influence on the liquidity distribution, thereby enabling the unauthorized transfer of assets.

The investigation also identified a critical flaw in Four.Meme’s protocol: the absence of a mechanism to validate liquidity pool prices before accepting deposits. This security gap made the system vulnerable to price manipulation and the draining of liquidity during the attack.

Yu Xian, the founder of SlowMist, has attributed the security breach to insufficient security protocols, underscoring the repeated occurrence of such exploits. He has strongly recommended that platforms implement more rigorous verification processes in order to prevent similar incidents in the future.

Share