On top of the 2,000,000 USD PopcornSwap Rug-pull, two other DeFi projects, Zap Finance and Tin Finance, have run off with user funds.
The never-ending weeks of crypto continue to become one, having upwards of three rug-pulls on the BNB Chain (BSC), this week. On top of the 2,000,000 USD PopcornSwap Rug-pull, two other DeFi projects, Zap Finance and Tin Finance, have run off with user funds. This article should be a testament to the speculative nature of crypto markets and the inherent smart contract risk that underlies all DeFi protocols.
What Was Zap Finance?
Zap Finance displayed itself as a BSC-based DeFi protocol, ultimately stealing custody of users’ LP tokens. Zap Finance marketed itself as a “DeFi” lending and trading platform that aimed at a fair distribution through liquidity mining. This token promised aspects of frictionless yield generation and DEX AMM technology, which was all created piggy-backing off of other De-Fi protocols. The team began its launch on 1/28/2021, marketing the project’s fair distribution and the inception of liquidity rewards, which were all a sham.
This Rug-Pull method is one of the most commonly seen on the BSC, where the smart contract receives permission for unlimited spending of LP tokens. Nearly hours after opening the liquidity pools, the team swiped all liquidity and swapped the funds for BNB and BUSD. The following transaction displays the swap done using community LP tokens for BUSD and BNB.
Another transaction followed this one, in total the following “fraudulent” transactions were made:
Tx 1: 8660 BUSD
Tx 2: 307 BNB ($13,776)
Total: ~22,000 USD
Tin Finance Rugpull
There was also another more significant rug pull done by Tin Finance, making away with about $140,000 worth of liquidity. This project has also gone ghost since the incident, but there Twitter is still live. This rug-pull was structured in a bit of a differnt fashion, being that of a pre-sale scam; the project Tin Finance promised users a pre-sale of 100,000 USD in return for TIN tokens. This project used the Tin Finance contract deployer to siphon liquidity which was then converted to WBNB and bridged off of the BSC. Ultimately the team created a false ethos and promises of a pre-sale, to run off with users money.
Here are the subsequent transactions of the Tin Finance rug-pull:
https://www.bscscan.com/address/0xde508c7a6d374ecd29e0f45a92472ddc655394e7
https://www.bscscan.com/address/0x75b84a45fd046c01e3cd9ac725e991a8d28fe5f7
As previously stated when covering the PopcornSwap Rugpull-- this must serve as a fair warning of the high-risk nature of DeFi projects. While smart-contracts give developers the tool to create robust protocols, innovating traditional financial services, there are unfortunately inherent risks. These can be defined as smart contract risks; while this code allows users to develop trustless and decentralized protocols, they are not perfect. Malicious developers can leave loopholes in code to siphon users’ money. This has been the case for the latest rug-pulls on the BSC, where malicious developers have siphoned over 2,000,000 USD.
In other instances, developers may not recognize a critical error in their code. This is unavoidable as nothing is ever perfect, which was the case in the Harvest Finance hack. Unnoticed structural integrity in a smart contract can be easily exploited by malicious users who find vulnerabilities in the code and ultimately steal users’ funds.
Overall, smart contract risk is a prevalent issue in the DeFi space on both the Ethereum Network and the BNB Chain. At the same time, these are not insanely common occurrences, but they ever too frequent. We have published a few guides on the BSC News website, authored by The Ape, which help users safeguard against these instances:
How To Spot a Potential RUG — Clear signs something is sketchy
How to Keep Your Funds SAFE — MetaMask Guide
Unfortunately, in the current DeFi landscape, smart contract risks are very prevalent and should always be considered. As the space continues to mature, we can expect to see better audits, more educational awareness, and a general increase in safety. These tools are quickly developing with a large amount of insurance and audit protocols launching to help safeguard and protect users from these occurrences.
Overall it is vital to proceed with caution when purchasing highly speculative tokens. None of our articles are advice at the end of the day, and all financial decisions should be made on your behalf or from a professional financial advisor.
This is a paid press release, BSC.News does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. The project team has purchased this advertisement article for $1500. Readers should do their own research before taking any actions related to the company. BSC.News is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned in the press release.
This is a paid press release, BSC.News does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. The project team has purchased this advertisement article for $2500. Readers should do their own research before taking any actions related to the company. BSC.News is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned in the press release.
Author
Related News
Prisma Finance Reportedly Hit by $9M Hack: What to Know
Prisma Finance paused its protocol operations for investigation and advised vault owners to disable delegate approval.
Reports have emerged indicating that DeFi platform Prisma Finance, fell victim to a hacking attack amounting to approximately $9 million. Cyvers, a web3 security platform, raised the alert after it detected suspicious transactions linked to the breach.
🚨UPDATE🚨Our system has detected multiple suspicious transactions with @PrismaFi and still ongoing!
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) March 28, 2024
Total loss so far is around $9M. Attacker has funded by @FixedFloat!
Our system has detected the malicious contract 2 min earlier than hack transactions!👇
Our system would… https://t.co/9myoV8DL22 pic.twitter.com/SxT5yYZy7U
Initial estimates suggest a loss of $9 million, with the attacker reportedly utilizing funds from the crypto exchange FixedFloat.
Backing up Cyvers' findings, blockchain security firm PeckShield has confirmed the attack, providing details on the assets targeted by the hacker. Among the stolen assets are Prisma mkUSD and wrapped stETH.
In response to the breach, Prisma Finance issued a statement on X acknowledging the potential exploit. The project reportedly halted its protocol operations to conduct a thorough investigation into the incident.
Additionally, Prisma Finance advised vault owners to disable delegate approval as a precautionary measure.
We are aware of a possible exploit on Prisma.
— Prisma Finance (@PrismaFi) March 28, 2024
Core engineering contributors will pause the protocol and investigate.
We'll share an update and a post-mortem.
From DeFi Future to Security Concerns
Prisma Finance was initially hailed as the future of decentralized finance (DeFi), offering solutions in the form of a new LSTFi protocol. It enabled users to mint a fully collateralized non-custodial and decentralized stablecoin, mkUSD, using Ethereum liquid staking tokens (LSTs) as collateral.
However, the recent exploit paints a stark contrast to the platform's previous reputation, raising concerns regarding cybersecurity in the DeFi space.
Rising Trends in Crypto Hacks
The hack on Prisma Finance adds to a concerning trend in the cryptocurrency space. According to a Feb. 29 report by blockchain security firm Immunefi, over $200 million worth of cryptocurrency was lost to hacks and rug pulls last February, across 32 individual incidents.
This represents a 15.4% increase compared to the same period in 2023. Ethereum remains the most targeted blockchain, with 12 attacks accounting for over 85% of the total value lost in February.
This is a paid press release, BSC.News does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. The project team has purchased this advertisement article for $1500. Readers should do their own research before taking any actions related to the company. BSC.News is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned in the press release.
This is a paid press release, BSC.News does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. The project team has purchased this advertisement article for $2500. Readers should do their own research before taking any actions related to the company. BSC.News is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned in the press release.
Follow us on Twitter and Instagram!
If you need tools and strategies regarding safety and crypto education, be sure to check out the Tutorials, cryptonomics explainers, and Trading Tool Kits from BSC News.
Looking for a job in crypto? Check out the CryptoJobsNow listings!
Author
Try Now!
Sign up Now
Coming Soon
WIN BIG
Coming Soon
Start Earning Today!
Earn Now
Coming Soon
Sign Up Now
Play & Mine!
Coming Soon
Editors Choice
Other Currencies
- nameLTBuyLitecoin
Sponsored
Buy Crypto with Fees as low as 0%
Buy Crypto with a bank transfer, credit or debit card, P2P exchange, and more. Not investment advice. All trading risk. Terms apply.
£0£0+0% - nameLTBuyEOS
Sponsored
Buy Crypto with Fees as low as 0%
Buy Crypto with a bank transfer, credit or debit card, P2P exchange, and more. Not investment advice. All trading risk. Terms apply.
£0£0+0% - nameLTBuyMonero
Sponsored
Buy Crypto with Fees as low as 0%
Buy Crypto with a bank transfer, credit or debit card, P2P exchange, and more. Not investment advice. All trading risk. Terms apply.
£0£0+0% - nameLTBuyBitcoin Cash
Sponsored
Buy Crypto with Fees as low as 0%
Buy Crypto with a bank transfer, credit or debit card, P2P exchange, and more. Not investment advice. All trading risk. Terms apply.
£0£0+0%