💥💥💥 Base #DeFiProject disappears after #RugPull
BaseBros Fi Disappears After Orchestrating Rug Pull on Base Blockchain
- BaseBros Fi, a decentralized finance (DeFi) yield optimization protocol on the Base blockchain, vanished from the internet after allegedly stealing users' funds through an unaudited smart contract.
- On September 13, BaseBros deleted its official website and removed its social media presence, including its accounts on X (formerly Twitter) and Telegram. Blockchain security firm Chain Audits, which had previously reviewed some of BaseBros' contracts, revealed that the platform executed a rug pull through an "unaudited and unverified Vault contract."
- BaseBros had garnered a following of roughly 2,000 users on X and 3,300 members on Telegram before it disappeared.
Rug Pull Exploited Vulnerable #smartcontract
- Chain Audits reported that it had reviewed four of the five smart contracts used by BaseBros, but the contract responsible for the rug pull—called the Vault contract—was not included in the audit scope. This contract contained a backdoor vulnerability that allowed the project's owners to siphon funds from the 'Strategy' contract.
No Impact on Seamless Protocol
- The rug pull initially raised concerns about the Seamless protocol due to similarities in contract labeling, but blockchain investigator Cyvers clarified that only BaseBros was affected. The attacker funneled $130,000 worth of stolen funds through Tornado Cash, a crypto mixing service.
- Seamless reassured users that their funds were safe following an internal investigation into the BaseBros incident. Chain Audits confirmed that only BaseBros was affected, with funds drained from multiple pools.
Hackers Celebrate DeFi Exploits
- The hacker behind the $27 million Penpie DeFi hack received praise from the Euler Finance attacker, who called it a rare and impressive hack. The Euler hacker, who had returned 90% of the $195 million stolen for legal immunity and a 10% reward, congratulated the Penpie hacker in an on-chain message.
Source - cointelegraph.com