Non Cult Crypto News

Non Cult Crypto News

in

Huge ‘screw-up’ — Pump Science apologizes after flood of fraud tokens

Pump Science partially blamed Solana-based software firm BuilderZ for leaving the private key to the dev wallet address on GitHub for the public to see.

COINTELEGRAPH IN YOUR SOCIAL FEED

Decentralized science platform Pump Science has apologized to its users after its private key was leaked on GitHub — allowing a “known attacker” to create fraudulent tokens using its Pump.fun profile. 

“We do not want to diminish how much of a screw-up this was, we totally acknowledge that this is a huge issue and misstep on our part,” Pump Science’s Benji Leibowitz said in an ask-me-anything (AMA) session hosted on X on Nov. 27.

“This absolutely will not happen again,” he said, adding:

“We’re never gonna launch tokens on pump.fun ever again.”

In earlier X posts on Nov. 25 and 26, Pump Science explained that private keys linked to its Pump.fun profile (pscience) was leaked on its GitHub, allowing the hacker to use it to create new, fraudulent tokens, including Urolithin B through to Urolithin E ($URO) and Cocaine ($COKE).

“Do not trust any new tokens launched from the pscience PumpFun profile,” Pump Science stressed. 

“These were not created by our team and this wallet is compromised.”

Since the incident, Pump Science has changed its Pump.fun profile name to “dont_trust” to prevent people from buying any more fraudulent tokens, and it said it has partnered with blockchain security firm Blockaid to flag new mints coming from this address.

Source: Pump Science

Pump Science partially blamed Solana-based software firm BuilderZ for leaving the private key for the developer wallet address “T5j2U…jb8sc” in its GitHub codebase, which made the mistake of thinking the private keys were for the test wallet, not the dev wallet.

The DeSci platform, however, tried to explain that the attacker couldn’t have been BuilderZ because the mechanism by which the tokens were brought on Solana’s chain was different.

Instead, Pump Science said it believes the hacker was the same person or group of people that hacked a wallet owned by James Pacheco, a founder at Solana-based commodity tokenization platform “elmnts.”

The DeSci protocol said it would conduct a “complete audit” of its front end and for future releases, run a bug bounty for penetration testing of the protocol and explore improved solutions for key management and security.

“New tokens will launch on pump science only after we have fully audited the app and smart contracts to ensure pump science is secure. Hopefully, we can make it by the holidays.”

Related: Decentralized science is like early DeFi in 2019: Crypto VC

Pump Science’s platform allows the trading of tokens tied to longevity medicines.

Its only two tokens are Rifampicin (RIF) and Urolithin A (URO), which boast market caps of $85.6 million and $37.2 million, respectively, CoinGecko data shows.

Rifampin is used to treat tuberculosis, while Urolithin A is a dietary supplement that modulates mitochondrial activity, offering potential antioxidant and anti-inflammatory benefits.

Magazine: Anti-aging tycoon Bryan Johnson almost devoted his life to crypto

This article first appeared at Cointelegraph.com News

What do you think?

Written by Outside Source

MARA: US Must Dominate Bitcoin Hash Rate to Ensure Financial Sovereignty

Vancouver mayor plans to make the city friendly for Bitcoin

Back to Top

Ad Blocker Detected!

We've detected an Ad Blocker on your system. Please consider disabling it for Non Cult Crypto News.

How to disable? Refresh

Log In

Or with username:

Forgot password?

Don't have an account? Register

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

To use social login you have to agree with the storage and handling of your data by this website.

Add to Collection

No Collections

Here you'll find all collections you've created before.