Binance’s Four.Meme Platform Exploited Again, Halts New Token Launches

• Hackers exploited Binance’s Four.Meme platform by bypassing the coin listing process, creating unauthorized trading pairs, and taking out liquidity from newly launched tokens.
• SlowMist, a Blockchain security firm revealed that the attacker used a specific function in the smart contract to send pre-launch tokens to a non-existent PancakeSwap address, which allowed them manipulate liquidity and steal funds.
• This is not the Four.Meme first hack, the platform has suffered a similar attack in February, that led to a loss of around $183,000.

Binance’s Four.Meme platform has been hacked, the hackers draining liquidity from certain meme tokens. They did it through  bypassing the listing process and creating trading pairs for tokens that had not yet completed their bonding curve. As a result, Four.Meme has temporarily paused any form of token launch.

The memecoin platform was exploited in such a way that the hackers exploited newly launched tokens to drain liquidity. By bypassing certain restrictions, they created unauthorized trading pairs on PancakeSwap and went on to empty liquidity pools through an unapproved DEX listing. This incident happened around 04:00 GMT, during peak Asian market hours. 

In response, Four.Meme quickly suspended new token launches and began an emergency investigation. The team assured users that they have put in security improvements and promised compensation for everyone who was affected by the exploitation and they should submit a form with required details to receive reimbursement.

SlowMist Raises the Alarm for Four.Meme Exploitation 

SlowMist first reported the security breach by stating that the attacker took advantage of some specific function in Four.Meme’s smart contract to buy tokens even before their official release. 

Using the 0x7f79f6df function, the hackers sent these early tokens to a PancakeSwap pair address that did not yet exist. This allowed them to create the pair and add liquidity without moving the unissued tokens, bypassing transfer limits set even before launch. As a result, they set liquidity at an unintended price and drained the pool’s funds.

So basically, they used a special function to send these tokens to a PancakeSwap address that didn’t exist. This let them create a trading pair and add funds without following the normal rules and because of this, they set their own prices and took money from the pool.

The platform has not yet disclosed the total amount of losses from the attack. However, BscScan data shows that the hacker added liquidity to a PancakePair, reaching a balance of 4.02 trillion tokens.

This is not the first time Four.Meme has faced hack related issues. In February, the platform was hit by a major exploit, that led to a loss of about $183,000. The hacker manipulated liquidity by setting up a fake pool on PancakeSwap V3 before the real one went live. 

Related Reading | Strategy Announces 5M Series A Perpetual Strife Preferred Stock to Fund Bitcoin Acquisition