Based Doge Memecoin Hacked, $91.4M Tokens Stolen
In A Nutshell
The memecoin protocol, Based Doge (BOGE), suffered a significant exploit on the Base network on May 27, leading to the drainage of 91.4 million BOGE tokens and a stark price crash. This attack mirrors a similar vulnerability exploited in the Normie attack just a day earlier. The Based Doge team has confirmed the incident, planning to compensate victims post a project relaunch. This event underscores the persistent risk smart contract vulnerabilities pose in the cryptocurrency space.
Details of the Attack
On the fateful day, an attacker executed over 120 transactions from an account, each transaction siphoning hundreds of thousands of BOGE tokens into their control, cumulating to a total of approximately 91.4 million BOGE. The method of attack involved calling an unverified function on a smart contract, making it difficult to scrutinize the attacker’s exact method due to the contract’s code being non-human-readable.
Following the mass acquisition of BOGE, the attacker converted the tokens into approximately 4.47 Ether (ETH), valued around $16,926 at the time. Despite the relatively small gain for the attacker, the impact on BOGE’s price and market cap was disastrous — plummeting from a market cap of roughly $2.9 million to losing over $2.8 million in value.
Comparative Analysis with Normie Exploit
An analysis by Web3 insurance provider Neptune Mutual suggested that the Normie attack involved exploitation of a faulty function allowing unauthorized minting of new tokens under specific conditions. The attacker achieved a balance identical to the deployer wallet, gaining the ability to mint new tokens. This security breach in Normie led to over $800,000 in losses, setting a precedent for the type of vulnerability that Based Doge fell victim to.
Continued Risks in Smart Contract Security
The Based Doge exploit is not an isolated incident but part of a worrying trend of smart contract vulnerabilities in the crypto world. Just earlier in May, Sonne Finance and Solana memecoin platform Pump.fun fell victim to similar exploits, resulting in the loss of millions of dollars. These incidents highlight the critical need for heightened security measures and rigorous smart contract auditing within the DeFi and broader cryptocurrency ecosystem.
Our Take
The exploitation of Based Doge underscores a persistent challenge in the cryptocurrency space: the balance between innovation and security. While memecoins and similar projects often bring a sense of community and fun to the blockchain, they also present targets for opportunistic actors exploiting smart contract vulnerabilities. This incident serves as a stark reminder for developers and investors alike to prioritize security and due diligence in their operations and investments. As the industry continues to evolve, so too must the strategies to protect it from such vulnerabilities. Both project teams and investors must remain vigilant, advocating for and supporting advancements in security protocols to safeguard the ecosystem from these exploitable weaknesses.
