A major security breach at the decentralized science (DeSci) platform Pump Science led to a public apology after private keys linked to its Pump.fun profile were exposed on GitHub.
This breach enabled a hacker to exploit the vulnerability by creating counterfeit tokens, including Urolithin B to E (URO) and Cocaine (COKE).
Users were warned to avoid purchasing tokens launched from the compromised Pump.fun profile, as the team did not authorize these.
Did you know?
Subscribe - We publish new crypto explainer videos every week!
What is Algorand? ALGO Coin Explained With Animations
During a November 27 ask-me-anything (AMA) session on X, Pump Science representative Benji Leibowitz addressed the severity of the situation. “We do not want to diminish how much of a screw-up this was, we totally acknowledge that this is a huge issue and misstep on our part”, he stated.
Leibowitz emphasized that such an incident would not recur before committing:
We’re never gonna launch tokens on pump.fun ever again.
The mishap was partially attributed to Solana
However, Pump Science ruled out BuilderZ as the attacker, citing differences in how the counterfeit tokens were launched on the Solana blockchain.
The platform presumes the culprit may be connected to an earlier attack on James Pacheco, co-founder of the Solana-based commodity tokenization platform elmnts.
Following the incident, Pump Science partnered with blockchain security firm Blockaid to monitor and flag suspicious token mints originating from the compromised wallet address. They also renamed its Pump.fun profile to “dont_trust” to deter further purchases of illegitimate tokens.
Pump Science has announced a full audit of its application and front end, as well as the introduction of bug bounties for identifying vulnerabilities in future releases.
While Pump Science is taking steps to rebuild trust, the crypto space continues to witness high-profile controversies. Recently, a former Fortnite pro faced accusations of orchestrating a $3.5 million memecoin scam. How did a gaming star become the center of a crypto scandal? Read the full story.