The decentralized science (DeSci) platform Pump Science has reported about the creation of fake tokens from its Pump.fun account due to a private key leak on GitHub. According to the team, the attacker used this opportunity to create fraudulent coins, including Urolithin from B to E (URO) and Cocaine (COKE).
The incident occurred on November 25, when the T5j2UBTvLYPCwDP5MVkSALN7fwuLFDL9jUXJNjjb8sc wallet linked to the profile on the Pump.fun platform was compromised. The incident was caused by the negligence of BUILDERZ’s Solana developers, who left the private key to the wallet in the open source code on GitHub. They mistakenly believed that the key belonged to a test address. The fraudster used this data and gained access to the wallet. Then he launched unauthorized tokens on behalf of the team.
The Pump Science stopped using the compromised wallet and promised to conduct a series of audits of the Solana interface and programs. A reward program will also be announced to test the application’s security measures.
Before the hack, Pump Science launched only two tokens (which we mentioned here):
- Rifampicin (RIF) is an antibiotic used to treat tuberculosis.
- Urolithin A (URO) is a compound being investigated for its potential to improve mitochondrial function and muscle health.
The price of RIF and URO fell by more than 25% after the attack.
The Pump Science platform specializes in creating tokens tied to research in the field of longevity medicine. The project describes itself as a gamified longevity research initiative that allows token holders to obtain intellectual property rights to research on various chemical compounds.
Source: Pump Science
Spelling error report
The following text will be sent to our editors: