Original title: Pump.science wallet private key leak: an unfinished storm
Original author: Karen, Foresight News
On the evening of November 25, the address marked as the creator of RIF and URO on pump.fun issued the Urolithin B (URO) token, which led many community members to mistakenly believe that it was an official token issued by pump.science. Urolithin B (URO) quickly graduated, and within two minutes of joining the liquidity pool its market value soared to $10 million; it then fell continuously, and its current market value has dropped back to about $100,000.
The event also appears to have had an impact on the market performance of Urolithin A (URO) and Rifampicin (RIF), both of which fell more than 30% in 24 hours. So, what exactly is going on?
pump.science wallet key pair leaked
The cause of the incident was the leak of pump.science's wallet key pair.
According to pump.science officials, due to an oversight in its GitHub repository, the wallet address T5j2UBTvLYPCwDP5MVkSALN7fwuLFDL9jUXJNjjb8sc was compromised: the attacker found its key pair in the source code of the website. The key pair had been used for testing purposes in pump.science's GitHub from the beginning, and the development team did not realize its importance.
From the fraudulent URO token page that appeared on pump.fun last night, we can see that the wallet address that deployed this fake token is T5j2UBTvLYPCwDP5MVkSALN7fwuLFDL9jUXJNjjb8sc. The pump.fun platform shows that this address has deployed two official tokens, Urolithin A (URO) and Rifampicin (RIF), off-chain, with current market capitalizations of approximately $87 million and $37 million, respectively.
The URO token used in this scam was issued on-chain by the address starting with T5j2UBT, the wallet whose key pair was leaked. This is why pump.fun shows the deployer of the official URO and RIF tokens as having issued a new coin.
pump.science stated that the wallet is the creator of off-chain tokens marked as URO and RIF on pump.fun. The attacker may use the wallet to issue more tokens. In addition to URO and RIF, any other tokens issued by this wallet should be considered a scam.
It is worth noting that pump.science officials did not take any remedial or compensation measures for users who mistakenly trusted and bought the fraudulent URO token, which aroused widespread concern and heated discussion in the community.
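The oversight described in this section, a test key pair left in website source code on GitHub, is the kind of thing a pre-commit or CI check can catch. The following is an added example, not code from pump.science or pump.fun: it scans text for the two common Solana keypair encodings (a 64-value byte array and a Base58 string of a 64-byte value) and reports which wallet address each candidate would control. The page does not say how the key was stored, so both formats, the function names and the sample input are assumptions.

```python
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
B58_CLASS = "[1-9A-HJ-NP-Za-km-z]"
# 64 comma-separated byte values in brackets (the solana-keygen file layout).
ARRAY_RE = re.compile(r"\[\s*(?:\d{1,3}\s*,\s*){63}\d{1,3}\s*\]")
# A standalone Base58 run of the length a 64-byte value encodes to.
B58_RE = re.compile(f"(?<!{B58_CLASS}){B58_CLASS}{{85,88}}(?!{B58_CLASS})")

def b58encode(data: bytes) -> str:
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\0"))) + out

def b58decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)
    zeros = len(text) - len(text.lstrip("1"))
    return b"\0" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")

def find_keypairs(text: str) -> list[str]:
    """Wallet addresses of every 64-byte keypair candidate found in text."""
    candidates = []
    for m in ARRAY_RE.finditer(text):
        values = [int(v) for v in re.findall(r"\d+", m.group(0))]
        if max(values) < 256:
            candidates.append(bytes(values))
    candidates += [b58decode(m.group(0)) for m in B58_RE.finditer(text)]
    # In the 64-byte layout the last 32 bytes are the public key, and its
    # Base58 form is the wallet address. This does not prove the first 32
    # bytes are the matching secret; hits are candidates for manual review.
    return sorted({b58encode(raw[32:]) for raw in candidates if len(raw) == 64})

# Constructed sample: FAKE is a byte pattern, not a valid or real keypair.
FAKE = bytes(range(100, 164))
SAMPLE = (
    "const TEST_WALLET = Uint8Array.from([" + ", ".join(map(str, FAKE)) + "]);\n"
    'const TEST_SECRET = "' + b58encode(FAKE) + '";\n'
    "const RETRIES = [1, 2, 3];\n"
)

if __name__ == "__main__":
    for address in find_keypairs(SAMPLE):
        print("keypair committed for wallet:", address)
```

Other 64-byte values encoded in Base58, such as transaction signatures, also match the string pattern, so a reported address should be compared against wallets the project actually uses before it is treated as a leak.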
pump.fun off-chain creation function causes confusion in blockchain browsers and data tools
Also causing confusion in the community is the display of token creators in pump.fun, blockchain browsers, and data tools.
The official URO and RIF tokens of pump.science were created off-chain by pump.fun, while the scam URO was created on-chain by pump.fun. However, the blockchain browser solscan shows that the deployer addresses of Urolithin A (URO) and Rifampicin (RIF) are: BLDRZQiqt4ESPz12L9mt4XTBjeEfjoBopGPDMA36KtuZ.
Next, let's take a look at the off-chain token issuance function of pump.fun. On the pump.fun platform, off-chain token issuance is free. A token is not put on-chain immediately after issuance; it is recorded on-chain only when the first buyer appears, and that first buyer pays the token's issuance cost. As a result, for tokens created off-chain, the first buyer is often mistaken for the deployer of the token by data tools such as the blockchain browser solscan or GMGN.
For example, after the official URO and RIF tokens were created off-chain, the first purchaser’s wallet address BLDRZQiqt4ESPz12L9mt4XTBjeEfjoBopGPDMA36KtuZ was mistakenly marked as the deployer of the tokens by solscan or GMGN.
Here, the author reminds investors that when investing in Meme tokens, they should distinguish between tokens created on-chain and off-chain on pump.fun and verify them, to avoid falling into scam traps. They should also be vigilant about any potential tokens issued by the wallet starting with T5j2UBTvLY leaked by pump.science. At the same time, we hope that the platform and token deployers can strengthen their security measures to prevent the recurrence of such scams.