In brief⚡
Art Coin lost ~$331K due to an LP Setting Error.
~$18.87K lost by MChainCapital as a result of flash loan exploit.
Hacker swept ~ $55.6K from PEPG in a rug pull.
~$89.61K wiped out in DMAN rug pull scam.
~$52.34K lost in FREDDIE rug pull scam.
FLOKI lost ~$30K in flash loan attack.
WEEB lost 16ETH in price manipulation attack.
Art Coin
Amount of Loss: ~ $331K
Analysis
On May 7, Art Coin's encrypted art platform launched a liquidity pool (LP pool) on Uniswap V3.
After discovering a flaw in the pre-sale process of Art Coin's ART token Uniswap V3, a user immediately sold the ART he purchased at 0.01 ETH during the pre-sale period, earning 181 ETH in the liquidity, worth approximately 331,000 USD.
Some have questioned the user's actions, claiming that the user pulled a rug.
The founder of Art Coin has since issued a statement claiming that a misunderstanding caused the bug: "Two developers will assist us in understanding and configuring LP."
MChainCapital
Amount of Loss: ~ $18.87K
Analysis
MChainCapital became the victim of a flash loan attack and lost approximately $18,871.
The deflationary token does not exclude the pair from the excluded address, allowing the attacker to use the deliver function to mint tokens before exchanging them for 10 $ETH.
PEPG
Amount of Loss: ~ $55.6K
Analysis
Pepega ($PEPG) got Rugged, and the exploiter profited approximately 30 ETH ($55,609.2).
The scammer received 3.58 ETH from Binance initially and added 2.8 ETH to liquidity.
DMAN
Amount of Loss: ~ $89.61K
Analysis
On May 09, 2023, Derpman ($DMAN) got rugged.
The scammer first obtained 4 ETH from Binance, then added 3 ETH to liquidity before exchanging 1,200T DMAN for 48.55 ETH ($89,611.09) and transferring these ETHs to 0x4d1f...915.
Know More About Rug Pulls:
https://blog.quillaudits.com/2021/10/13/can-smart-contract-audits-help-preempt-rug-pulls-in-the-defi-space/
FREDDIE
Amount of Loss: ~ $52.34K
Analysis
Exploiters have rugged Freddie ($FREDDIE).
The scammer received 2.96 ETH from Orbiter Finance Bridge and added 2 ETH liquidity before exchanging 4,999T FREDDIE for 28 ETH ($52,344.4) and mortgaged 22.5 ETH to Lido.
FLOKI
Amount of Loss: ~ $30K
Analysis
FLOKI suffered a flash loan attack and lost about $30,000.
Attack Transaction: https://etherscan.io/tx/0x118b7b7c11f9e9bd630ea84ef267b183b34021b667f4a3061f048207d266437a
WEEB
Amount of Loss: ~16 ETH
Analysis
Price manipulation was used against the WEEB project.
The hacker used the WEEB token's
performUpkeep
function to burn the balance of a large number of WEEB tokens in the pair, increasing the price of WEEB and profiting 16 ETH.In addition, the SNK project was attacked, and the hackers made a profit of $19,0 using SNK's invitation reward mechanism, and the funds are still in the hacker's address: 7738x2B18f994d7C8c10Fa1E456069624740FE3f<>e.
Explore the Depths of Knowledge: Research Papers & Blogs🔖
Decoding Deus DAO $6.5 Million Exploit
Due to a smart contract vulnerability, the Deus DAO Protocol was exploited on the Arbitrum, Ethereum, and BNB chains on May 6, 2023. The hackers stole approximately $6.5 million in this exploit. DEI is a stablecoin with a fractional reserve that can be used as a unit of account for derivative-based trading on protocols built on the DEUS infrastructure.
Web3 Community Spotlight🔦
New QuillCTF Arbitrage is live!
'Verz' has been onto something fishy again; this time, he is trying to manipulate the most important protocol of the CTFland, the 'QuickSwap'.
QuickSwap being the heart of the CTFland economy. If it goes down, the CTFland goes down, and that is not acceptable.
You have information on Verz's plan. With the government grant of 5e18 Btokens on Verz's birthday, he is looking to increase his Btokens using A, B, C, D and E tokens. Now that you know his plan, find the vulnerability and report it before Verz destroys CTFland.