Alien Base

Anon

Base

FOMO Network

Gem Pad

The Gem Pad token launchpad is posting suspicious transactions, on-chain research shows. The platform for token launches and sales was exploited for an estimated $2.2M.&nbsp; 
Gem Pad is sending out suspicious transactions, pointing to an exploit of multiple chains and tokens. The Gem Pad team immediately mitigated the hack, explaining that multiple security locks had been breached.&nbsp; 
<blockquote class="twitter-tweet" data-theme="dark"> 
 IMPORTANT ANNOUNCEMENT 
 As some of you may have noticed, an incident occurred last night where someone managed to breach our security locks. 
 We immediately contacted all of our partners and experts in the space to investigate and resolve the situation. The issue has now been… 
 — 𝗚𝗲𝗺𝗣𝗮𝗱 (@TheGemPad) <a href="https://twitter.com/TheGemPad/status/1868977192157204726?ref_src=twsrc%5Etfw" rel="nofollow noopener" target="_blank">December 17, 2024</a>
</blockquote> 
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script> 
Code analysts pointed out the reason for the attack as a reentrancy on one of the functions that creates a token lock. The malicious <a href="https://x.com/pennysplayer/status/1869025663963091421" rel="nofollow" target="_blank">token transfer</a> allowed the hacker to get back the liquidity from several projects.&nbsp; 
The tokens affected were from three major chains – Ethereum, Base, and BNB Smart Chain. The GempadLock smart contract was the flawed entry point, due to lack for reentrancy protection.&nbsp; 
The exploit happened despite the recent <a href="https://www.cyberscope.io/audits/gems" rel="nofollow noopener" target="_blank">audit</a> by Cyberscope. GemPad was even given a high security score, though the flaw was found within one function in one smart contract. 
After the news of the exploit, the GEMS token backtracked slowly to $0.11. The native token of the Gem Pad platform already slid in the second half of 2024, and now trades at around $0.11.&nbsp; 
<h3 id="span-style-font-weight-400-gem-pad-projects-face-fallout-from-stolen-tokens-span">Gem Pad projects face fallout from stolen tokens</h3> 
The attacker drained resources from the security locks of Gem Pad, then swapped them for ETH and BNB and consolidated the haul. According to Gem Pad, only a handful of projects were affected, but the platform is now safe and back online. Only the Locker service is unavailable until further announcement.&nbsp; 
Token locks on Gem Pad are the smart contracts that hold some of the tokens transparently, ensuring they will not be sold in a rug pull. Launchpads are still a tool for distributing new tokens, in addition to meme token markets. <a href="https://www.cryptopolitan.com/grafun-the-memecoin-launchpad-on-bnb-chain/">Launchpad</a> volumes have decreased, yet Gem Pad has managed to attract a portfolio of projects.&nbsp; 
While Gem Pad itself is not compromised, it remained the central flaw point, due to the logic of its smart contract. However, the affected projects and communities are the ones that absorbed the losses.&nbsp; 
<h3 id="span-style-font-weight-400-five-projects-affected-by-drained-liquidity-span">Five projects affected by drained liquidity</h3> 
Munch Protocol was one of the projects to have their token lock attacked. However, the protocol announced its funds are safe and unaffected, and may be <a href="https://x.com/MunchToken/status/1869032309195669672" rel="nofollow" target="_blank">recovered</a> with the help of Gem Pad. Munch Protocol tokens are not yet traded, and have not felt the secondary effects of the hack. The protocol has not mentioned how it managed to keep its funds safe, and whether it has absorbed any direct losses. 
The Nutcoin Ecosystem was another project affected by the lock attack. This time, all of the project’s liquidity has been drained on Ethereum. At one point, four <a href="https://etherscan.io/address/0xfdd9b0a7e7e16b5fd48a3d1e242af362bc81bcaa" rel="nofollow noopener" target="_blank">transactions</a> of 100 ETH were sent directly to Tornado Cash, making them essentially unrecoverable.&nbsp; 
Anon was another project with drained liquidity, with <a href="https://gempad.app/locks/liquidity?id=235&amp;network=Base" rel="nofollow noopener" target="_blank">$3.6M</a> in value exposed. The Anon community on Base is not affected and personal wallets are safe. While $2.2M have been accounted to date, there may be a larger final accounting for all the tokens lost. 
FOMO Network also <a href="https://x.com/FOMOGlobal/status/1869007102058131677" rel="nofollow" target="_blank">reported</a> its liquidity pool on the launchpad was drained. As a result, the native <a href="https://coinmarketcap.com/currencies/fomo-network/" rel="nofollow noopener" target="_blank">FOMO</a> token crashed from $0.004 to $0.00098. The hack also <a href="https://x.com/AlienBaseDEX/status/1868943734559141956" rel="nofollow" target="_blank">affected</a> the newly launched DUB token by one of the partners of Alien Base DEX, a trading app on the Base chain.&nbsp; 
The hack also affected the liquidity for <a href="https://x.com/bpay_token/status/1869023927869014461" rel="nofollow" target="_blank">BPAY</a> tokens. The exploiter sent BPAY tokens directly to Uniswap V2, later transforming the haul into WETH. Immediately after the news, BPAY slid by <a href="https://dexscreener.com/base/0x8018b9b2588e19cfa7ccada66978665898131f4b" rel="nofollow noopener" target="_blank">75%</a>, from $0.004 to $0.001.&nbsp; 
While the Gem Pad attack was relatively small in terms of funds stolen, the secondary effects erased even more liquidity from the market. The loss may also further compromise the integrity of the tokens and projects affected. 
The attack came at a time when Gem Pad was expanding its activity on Base, and posting more content to drive investors to its launchpad projects. Multiple new launches are expected in the coming days, though for now no explanation has been given on the new method of locking up <a href="https://www.cryptopolitan.com/clober-vault-exploited-team-offers-bounty/">liquidity</a>. 
Land a High-Paying Web3 Job in 90 Days: <a href="https://www.cryptopolitan.com/crypto-career-launchpad-waitlist/?utm_source=cryptopolitan&amp;utm_medium=banner&amp;utm_campaign=ccl-waitlist-2" target="_blank">The Ultimate Roadmap</a>

The Gem Pad token launchpad has been exploited for $2M on multiple chains

Table of Contents

Cryptopolitan_News

Other articles published on Dec 17, 2024

HTX Ventures Identifies Five Rapidly-Growing Sectors in 2024, Expects Positive Crypto Regulations...

Institutional Funds Surge into Cryptocurrency Market

Bitcoin Spot ETFs See $637M Inflow, BlackRock Leads with $418M Surge

Bitcoin Targets $200,000: Analyst Gert van Lagen Shares Bold Prediction

Expert Forecast: XRP Price Could Hit $3 Amid RLUSD Launch, SUI Climbs to $5 and Catzilla Primed f...

Meta adds live AI, translate, Shazam features in its glasses

Join our free newsletter for daily crypto updates!