What Happened to SafeMoon?

In March, the cryptocurrency world shook as SafeMoon fell victim to a cunning exploit, resulting in a staggering loss of $8.9 million in BNB. The ensuing chaos has not only drawn the attention of crypto enthusiasts but also that of the U.S. Securities and Exchange Commission (SEC), which has since charged SafeMoon with serious violations of securities rules and fraud.

The Great CEX Heist

According to blockchain analysis firm Match Systems, the funds involved in this exploit have been snaking their way through various centralized exchanges (CEXs). Sean Thornton from Match Systems noted that these CEXs could serve as ideal intermediate links for laundering the ill-gotten gains.

“On CEXs, funds could be exchanged for other tokens and withdrawn further…”

Thornton pointed out the difficulties in tracing the movement of funds through CEXs without law enforcement intervention. It begs the question: Is it a convenience for hackers or a clever ruse? Either way, CEXs seem to be the go-to choice for shady transactions, beating out decentralized exchanges in this cat-and-mouse game.

Unpacking the Exploit

A post-mortem of the SafeMoon smart contract revealed the Achilles’ heel: a vulnerability in the “Bridge Burn” feature. This flaw allowed bad actors to call the “burn” function on SafeMoon (SFM) tokens at any address. In simpler terms, it was like giving the green light for robbers to ransack the place on a wild shopping spree.

The exploit led to a massive surge in token transfers, with the hackers siphoning 32 billion SFM tokens. They played the market like a fiddle, using the price pump to trade some of those tokens for BNB at a juicy inflation rate, resulting in a shiny haul of 27,380 BNB.

Inside Job Speculation

Interestingly, the Krypto-Karens of the space have speculated about the possibility of an insider job. The vulnerability, which was not present in earlier versions of the smart contract, appeared with a new update on March 28, coinciding suspiciously with the date of the exploit. Thornton hinted that the SEC’s allegations against SafeMoon management weren’t unwarranted. The question on everyone’s lips is: Did the SafeMoon team turn a blind eye, or were they complicit in the crime?

Legal Trouble Brewing

The legal implications for SafeMoon are hefty. The SEC has charged CEO John Karony and CTO Thomas Smith with embezzling investor funds and withdrawing $200 million from the enterprise. They are also wrestling with charges from the U.S. Justice Department for conspiring to pull off wire fraud, money laundering, and securities fraud. Talk about a legal tangle!

Meanwhile, the hacker initially claimed that the exploit was accidental and offered to return 80% of the scooped funds. However, those funds have continued to be washed through CEXs, which analyses believe will be crucial for tracing the trail back to the culprit. Will the perps be caught, or will they vanish into the blockchain ether? Only time will tell.