{"id":20675,"date":"2024-05-17T17:30:56","date_gmt":"2024-05-17T17:30:56","guid":{"rendered":"https:\/\/coinengineer.io\/?p=20675"},"modified":"2024-05-17T12:44:39","modified_gmt":"2024-05-17T12:44:39","slug":"pump-fun-ensures-full-recovery-after-1-9m-insider-exploit","status":"publish","type":"post","link":"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/","title":{"rendered":"Pump.fun Ensures Full Recovery After $1.9M Insider Exploit"},"content":{"rendered":"<p><strong>Pump.fun, a Solana memecoin creator tool,<\/strong> has recently stated that one of the former employees had used the platform for almost<strong> $2 million through a sophisticated &#8220;bonding curve&#8221; attack.<\/strong> The event of May 16 was described in a few tweets on X (the former Twitter).<\/p>\n<p>The exploit was about the flash loans on Solana lending protocol Raydium to get some <a href=\"https:\/\/coinengineer.net\/blog\/robinhood-crypto-stakes-big-in-europe-with-solana\/\">SOL<\/a>, which were then used to &#8220;buy as many coins&#8221; as possible. After the coins reached 100% on their respective bonding curves, the attacker borrowed money from a flash loan to repay for it. <strong>Around 12,300 SOL is equal to $1. 9 million, was stolen in the attack,<\/strong> which took place between 3:5:00 pm UTC and 21 PM on May 16.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_71 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 eztoc-toggle-hide-by-default' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#Internal_Breach_and_Immediate_Response\" title=\"Internal Breach and Immediate Response\">Internal Breach and Immediate Response<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#Assurances_of_Security_and_Compensation\" title=\"Assurances of Security and Compensation\">Assurances of Security and Compensation<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#Industry_Repercussions_and_User_Reactions\" title=\"Industry Repercussions and User Reactions\">Industry Repercussions and User Reactions<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Internal_Breach_and_Immediate_Response\"><\/span>Internal Breach and Immediate Response<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><strong>Pump.fun<\/strong> said the former employee used their &#8220;privileged position&#8221; to get into the &#8220;withdraw authority&#8221; and disrupt the internal systems. This person is said to have abused the firm&#8217;s ways and means to take away their money.<\/p>\n<p>Igor Igamberdiev, the head of research at Wintermute which is a cryptocurrency market maker said that the hack was due to an internal private key leak and he identified &#8220;STACCoverflow&#8221; as X user. &#8221; In the cryptic X posts, STACCoverflow insinuated their participation and said they were &#8220;about to change the course of history&#8221; and did not mind being &#8220;fully doxxed.&#8221;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Assurances_of_Security_and_Compensation\"><\/span>Assurances of Security and Compensation<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Despite the breach, <strong>Pump.fun <\/strong>is a smart contract which tells users that its contracts are safe. The platform in the official statement said that those users who were affected by the incident will get back &#8220;100% of their liquidity&#8221; within 24 hours. Trading was temporarily halted after the exploit but now it has been resumed.<\/p>\n<p>In the previous X post, Pump.fun said that they will be working closely with the police to solve this issue. Nevertheless, the platform did not disclose the former employee and has not yet responded to requests for more information.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Industry_Repercussions_and_User_Reactions\"><\/span>Industry Repercussions and User Reactions<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The exploit has caused panic among the cryptocurrency community, mainly because of the security of internal protocols and the possibility that it may be an insider job.The Pump.fun\u2019s quick and full liquidity recovery assurance has been received with the mixed reactions from the users who are now closely following for any further developments.<\/p>\n<p>The inquiry is still in progress and the Pump.fun\u2019s dedication to openness and user compensation is still the main thing in rebuilding trust within its community.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Pump.fun, a Solana memecoin creator tool, has recently stated that one of the former employees had used the platform for almost $2 million through a sophisticated &#8220;bonding curve&#8221; attack. The event of May 16 was described in a few tweets on X (the former Twitter). The exploit was about the flash loans on Solana lending<\/p>\n","protected":false},"author":6,"featured_media":11625,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9,1],"tags":[6173],"class_list":["post-20675","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto-news","category-genel","tag-pump-fun"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Pump.fun Ensures Full Recovery After $1.9M Insider Exploit - Coin Engineer<\/title>\n<meta name=\"description\" content=\"Pump.fun, a Solana memecoin creation tool, ensures users will recover 100% liquidity after an insider exploit, claiming the smart contracts remain secure.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Pump.fun Ensures Full Recovery After $1.9M Insider Exploit - Coin Engineer\" \/>\n<meta property=\"og:description\" content=\"Pump.fun, a Solana memecoin creation tool, ensures users will recover 100% liquidity after an insider exploit, claiming the smart contracts remain secure.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/\" \/>\n<meta property=\"og:site_name\" content=\"Coin Engineer\" \/>\n<meta property=\"article:published_time\" content=\"2024-05-17T17:30:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-17T12:44:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/02\/PlayDapp-Hack.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"964\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Tanju Akb\u0131y\u0131k\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tanju Akb\u0131y\u0131k\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/\",\"url\":\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/\",\"name\":\"Pump.fun Ensures Full Recovery After $1.9M Insider Exploit - Coin Engineer\",\"isPartOf\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/02\/PlayDapp-Hack.jpeg\",\"datePublished\":\"2024-05-17T17:30:56+00:00\",\"dateModified\":\"2024-05-17T12:44:39+00:00\",\"author\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/286f3a00b45c1661961e40ff0a1c7546\"},\"description\":\"Pump.fun, a Solana memecoin creation tool, ensures users will recover 100% liquidity after an insider exploit, claiming the smart contracts remain secure.\",\"breadcrumb\":{\"@id\":\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#primaryimage\",\"url\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/02\/PlayDapp-Hack.jpeg\",\"contentUrl\":\"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/02\/PlayDapp-Hack.jpeg\",\"width\":1500,\"height\":964,\"caption\":\"PlayDapp Hack\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/coinengineer.net\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Pump.fun Ensures Full Recovery After $1.9M Insider Exploit\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#website\",\"url\":\"https:\/\/coinengineer.net\/blog\/\",\"name\":\"Coin Engineer\",\"description\":\"Btc, Coins, Pre-Sale, DeFi, NFT\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/coinengineer.net\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/286f3a00b45c1661961e40ff0a1c7546\",\"name\":\"Tanju Akb\u0131y\u0131k\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/a027c5acae1ab2c3649244f87d705ac7ee359dd7e3222b84cb1d32ba3a8d2e18?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/a027c5acae1ab2c3649244f87d705ac7ee359dd7e3222b84cb1d32ba3a8d2e18?s=96&d=mm&r=g\",\"caption\":\"Tanju Akb\u0131y\u0131k\"},\"url\":\"https:\/\/coinengineer.net\/blog\/author\/cetanju\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Pump.fun Ensures Full Recovery After $1.9M Insider Exploit - Coin Engineer","description":"Pump.fun, a Solana memecoin creation tool, ensures users will recover 100% liquidity after an insider exploit, claiming the smart contracts remain secure.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/","og_locale":"en_US","og_type":"article","og_title":"Pump.fun Ensures Full Recovery After $1.9M Insider Exploit - Coin Engineer","og_description":"Pump.fun, a Solana memecoin creation tool, ensures users will recover 100% liquidity after an insider exploit, claiming the smart contracts remain secure.","og_url":"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/","og_site_name":"Coin Engineer","article_published_time":"2024-05-17T17:30:56+00:00","article_modified_time":"2024-05-17T12:44:39+00:00","og_image":[{"width":1500,"height":964,"url":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/02\/PlayDapp-Hack.jpeg","type":"image\/jpeg"}],"author":"Tanju Akb\u0131y\u0131k","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Tanju Akb\u0131y\u0131k","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/","url":"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/","name":"Pump.fun Ensures Full Recovery After $1.9M Insider Exploit - Coin Engineer","isPartOf":{"@id":"https:\/\/coinengineer.net\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#primaryimage"},"image":{"@id":"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#primaryimage"},"thumbnailUrl":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/02\/PlayDapp-Hack.jpeg","datePublished":"2024-05-17T17:30:56+00:00","dateModified":"2024-05-17T12:44:39+00:00","author":{"@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/286f3a00b45c1661961e40ff0a1c7546"},"description":"Pump.fun, a Solana memecoin creation tool, ensures users will recover 100% liquidity after an insider exploit, claiming the smart contracts remain secure.","breadcrumb":{"@id":"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#primaryimage","url":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/02\/PlayDapp-Hack.jpeg","contentUrl":"https:\/\/coinengineer.net\/blog\/wp-content\/uploads\/2024\/02\/PlayDapp-Hack.jpeg","width":1500,"height":964,"caption":"PlayDapp Hack"},{"@type":"BreadcrumbList","@id":"https:\/\/coinengineer.net\/blog\/pump-fun-ensures-full-recovery-after-1-9m-insider-exploit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/coinengineer.net\/blog\/"},{"@type":"ListItem","position":2,"name":"Pump.fun Ensures Full Recovery After $1.9M Insider Exploit"}]},{"@type":"WebSite","@id":"https:\/\/coinengineer.net\/blog\/#website","url":"https:\/\/coinengineer.net\/blog\/","name":"Coin Engineer","description":"Btc, Coins, Pre-Sale, DeFi, NFT","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/coinengineer.net\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/286f3a00b45c1661961e40ff0a1c7546","name":"Tanju Akb\u0131y\u0131k","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/coinengineer.net\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/a027c5acae1ab2c3649244f87d705ac7ee359dd7e3222b84cb1d32ba3a8d2e18?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a027c5acae1ab2c3649244f87d705ac7ee359dd7e3222b84cb1d32ba3a8d2e18?s=96&d=mm&r=g","caption":"Tanju Akb\u0131y\u0131k"},"url":"https:\/\/coinengineer.net\/blog\/author\/cetanju\/"}]}},"_links":{"self":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/20675","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/comments?post=20675"}],"version-history":[{"count":3,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/20675\/revisions"}],"predecessor-version":[{"id":20694,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/posts\/20675\/revisions\/20694"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/media\/11625"}],"wp:attachment":[{"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/media?parent=20675"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/categories?post=20675"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinengineer.net\/blog\/wp-json\/wp\/v2\/tags?post=20675"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}