A major security breach at the decentralized science (DeSci) platform Pump Science led to a public apology after private keys linked to its Pump.fun profile were exposed on GitHub.
This breach enabled a hacker to exploit the vulnerability by creating counterfeit tokens, including Urolithin B to E (URO) and Cocaine (COKE).
Users were warned to avoid purchasing tokens launched from the compromised Pump.fun profile, as the team did not authorize these.
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe – We publish new crypto explainer videos every week!
Candlesticks, Trendlines & Patterns Easily Explained (Animated Examples)
During a November 27 ask-me-anything (AMA) session on X, Pump Science representative Benji Leibowitz addressed the severity of the situation. “We do not want to diminish how much of a screw-up this was, we totally acknowledge that this is a huge issue and misstep on our part”, he stated.
Leibowitz emphasized that such an incident would not recur before committing:
We’re never gonna launch tokens on pump.fun ever again.
The mishap was partially attributed to Solana
$236.76
-based software developer BuilderZ, which mistakenly left private keys for the developer wallet “T5j2U…jb8sc” in its GitHub codebase. BuilderZ had assumed the keys were linked to a test wallet rather than the actual development wallet.
However, Pump Science ruled out BuilderZ as the attacker, citing differences in how the counterfeit tokens were launched on the Solana blockchain.
The platform presumes the culprit may be connected to an earlier attack on James Pacheco, co-founder of the Solana-based commodity tokenization platform elmnts.
Following the incident, Pump Science partnered with blockchain security firm Blockaid to monitor and flag suspicious token mints originating from the compromised wallet address. They also renamed its Pump.fun profile to “dont_trust” to deter further purchases of illegitimate tokens.
Pump Science has announced a full audit of its application and front end, as well as the introduction of bug bounties for identifying vulnerabilities in future releases.
While Pump Science is taking steps to rebuild trust, the crypto space continues to witness high-profile controversies. Recently, a former Fortnite pro faced accusations of orchestrating a $3.5 million memecoin scam. How did a gaming star become the center of a crypto scandal? Read the full story.
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.
