Four.Meme has halted operations and promised compensation to the affected users.
The BNB Chain-based meme coin launch platform Four.Meme was attacked once again.
PeckShield has reported a fresh attack that resulted in the theft of approximately 200 BNB (worth around $130,000). The stolen funds have already been transferred to FixedFloat, a non-custodial exchange.
Blockchain security firm SlowMist was the first to issue a security alert regarding the exploit and revealed that an attacker manipulated the 0x7f79f6df function to gain an unfair advantage before the token’s official launch on Four.Meme.
By purchasing a small number of tokens early, the attacker was able to send them to a PancakeSwap Pair address that had not yet been created. This allowed them to establish the Pair and add liquidity without being subject to the transfer restrictions (MODE_TRANSFER_RESTRICTED) that were meant to prevent unauthorized transactions before launch.
By setting liquidity at an unintended price, the attacker ultimately drained pool liquidity, resulting in significant financial losses for the project and its users.
Confirming the attack, Four.Meme said that it is actively investigating an attack and has suspended its launch function. Affected users can submit damage claims for verification. Once the review process is complete, the platform has assured that compensation will be provided within the week to those impacted.
“Currently, Four.Meme is under attack, and the launch function has been suspended for emergency investigation. Our team is working hard to fix the problem and ensure system security. Thank you for your understanding and support. We will continue to update the progress.”
This isn’t the first time Four.Meme has faced security breaches. In February, an attacker exploited platform vulnerabilities, leading to a loss of $183,000. The perpetrator set up a fake liquidity pool on PancakeSwap V3 ahead of the legitimate one and manipulated liquidity mechanics.
To address the situation, Four.Meme paused liquidity functions and reassured users that funds remained safe.