PeckShield, the reputable blockchain security company, alerted investors of a possible rug pull event after MetaSwap’s MGAS token lost just under 47% of its value, CoinTelegraph reported.
A rug pull is where crypto developers abandon a project and run away with investors’ funds. The MetaSwap protocol allowed NFT swaps over Binance Smart Chain, Ethereum, and Polygon.
All official MetaSwap accounts removed
After the dramatic drop, all official accounts connected to Metaswap Gas were removed, including Instagram, Twitter, and Medium. This gave great credibility to PeckShield’s claims.
PeckShield tweeted:
PeckShield has detected that MetaSwapMGAS soft-rugged, the stolen funds (1,100 BNB) are transfered to TornadoCash (#BSC). DO NOT STAKE in this contract and if you’ve approved it, REVOKE.
The BNB tokens, which were worth around $600,000, were transferred to an account on Tornado Cash, a non-custodial solution running on Ethereum that is used to destroy the link between sender and recipient. This makes stolen funds harder to trace.
Crypto exchanges lost more than $600M to hackers in December
This month alone, a number of exchanges fell victim to a series of exploits, leading to losses of over $600 million in total. Among them were Grim Finance, BitMart, AscendEX, and Bent Finance, who promised to return all the funds stolen to investors. On December 21, Bent Finance proactively asked investors to withdraw their funds after confirming the attack in the following tweet:
There was an exploit from the bent deployer address, it added balance of cvxcrv and mim to an address on an unverified update 20 days ago. We just discovered this today. There are multiple members on this team and we will make this right. We recommend you withdraw from the protocol until further notice.
Bent Finance lost more than $1.6M
According to TRM Labs’ Joseph McGill, a crypto fraud investigator and former member of the United States Secret Service, the hackers managed to steal around 440 ether (ETH). At the time, this was equivalent to over $1.6 million. Bent Finance has yet to announce how they intend to compensate investors.
Attack started almost two weeks earlier
After conducting an investigation, McGill found the attack may have started as early as December 12. This finding contradicts Bent Finance’s claim that the attacker had been present in their system since December 1.
Indian PM Modi’s Twitter also hacked
Another breach this month was of Indian Prime Minister Narendra Modi’s Twitter account. Albeit momentarily, the account was used to disseminate false information about Bitcoin’s mainstream adoption in the country.
