The Gem Pad token launchpad is posting suspicious transactions, on-chain research shows. The platform for token launches and sales was exploited for an estimated $2.2M.
Gem Pad is sending out suspicious transactions, pointing to an exploit of multiple chains and tokens. The Gem Pad team immediately mitigated the hack, explaining that multiple security locks had been breached.
IMPORTANT ANNOUNCEMENT
As some of you may have noticed, an incident occurred last night where someone managed to breach our security locks.
We immediately contacted all of our partners and experts in the space to investigate and resolve the situation. The issue has now been…
— 𝗚𝗲𝗺𝗣𝗮𝗱 (@TheGemPad) December 17, 2024
The tokens affected were from three major chains – Ethereum, Base, and BNB Smart Chain. The GempadLock smart contract was the flawed entry point, due to lack for reentrancy protection.
After the news of the exploit, the GEMS token backtracked slowly to $0.11. The native token of the Gem Pad platform already slid in the second half of 2024, and now trades at around $0.11.
Gem Pad projects face fallout from stolen tokens
The attacker drained resources from the security locks of Gem Pad, then swapped them for ETH and BNB and consolidated the haul. According to Gem Pad, only a handful of projects were affected, but the platform is now safe and back online. Only the Locker service is unavailable until further announcement.
Token locks on Gem Pad are the smart contracts that hold some of the tokens transparently, ensuring they will not be sold in a rug pull. Launchpads are still a tool for distributing new tokens, in addition to meme token markets. Launchpad volumes have decreased, yet Gem Pad has managed to attract a portfolio of projects.
While Gem Pad itself is not compromised, it remained the central flaw point, due to the logic of its smart contract. However, the affected projects and communities are the ones that absorbed the losses.
Five projects affected by drained liquidity
While the Gem Pad attack was relatively small in terms of funds stolen, the secondary effects erased even more liquidity from the market. The loss may also further compromise the integrity of the tokens and projects affected.
The attack came at a time when Gem Pad was expanding its activity on Base, and posting more content to drive investors to its launchpad projects. Multiple new launches are expected in the coming days, though for now no explanation has been given on the new method of locking up liquidity.