Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesEarnWeb3SquareMore
Trade
Spot
Buy and sell crypto with ease
Margin
Amplify your capital and maximize fund efficiency
Onchain
Going Onchain, without going Onchain!
Convert
Zero fees, no slippage
Explore
Launchhub
Gain the edge early and start winning
Copy
Copy elite trader with one click
Bots
Simple, fast, and reliable AI trading bot
Trade
USDT-M Futures
Futures settled in USDT
USDC-M Futures
Futures settled in USDC
Coin-M Futures
Futures settled in cryptocurrencies
Explore
Futures guide
A beginner-to-advanced journey in futures trading
Futures promotions
Generous rewards await
Overview
A variety of products to grow your assets
Simple Earn
Deposit and withdraw anytime to earn flexible returns with zero risk
On-chain Earn
Earn profits daily without risking principal
Structured Earn
Robust financial innovation to navigate market swings
VIP and Wealth Management
Premium services for smart wealth management
Loans
Flexible borrowing with high fund security
Pond.fun hacked by insider; Chainalysis and Elliptic tapped to block funds’ withdrawal

Pond.fun hacked by insider; Chainalysis and Elliptic tapped to block funds’ withdrawal

Crypto.NewsCrypto.News2025/03/04 16:00
By:By Darya NassedkinaEdited by Dorian Batycka

Pond.fun, the meme coin launchpad hosted on Linea, has been hacked by the project’s chief software engineer. 

According to Pond.fun’s official disclosure on X , Pond.fun has been hacked this morning, with the initial on-chain and off-chain evidence pointing to a software engineer on Pond.fun’s team. The platform told users to avoid interacting with pond.fun in any capacity, including the efrogs and croak websites, but assured that Discord and Telegrams are still secure.

1️⃣ https://t.co/nEexigW8vL has been hacked this morning. Do not interact with https://t.co/Lrt9ct9mtG in any capacity. It appears the exploiter is a software developer on the https://t.co/Lrt9ct9mtG team. Because of this, the efrogs and croak website are also at risk, pending…

— pond.fun (@ponddotfun) March 5, 2025

The attacker stole liquidity from Pond.fun’s smart contract and transferred the tokens to the privacy protocol Railgun, a privacy protocol that allows users to shield their transactions on the blockchain. The platform published a list of mainnet addresses that received and deposited the stolen assets. The total amount transferred was 64.8 Ethereum ( ETH ).

Pond.fun has tapped Chainalysis and Elliptic, blockchain analytics firms that track illicit crypto transactions, to help prevent the stolen funds from passing proof of innocence—since some centralized exchanges and other “serious” offramps require users to provide POI under Railgun. Failure to pas POI checks will ensure that the hacker cannot withdraw the funds from Railgun. 

The situation echoes the recent hack of stablecoin bank Infini because it was also done by an insider. Specifically, the developer who helped set up the smart contract retained admin rights and then used these rights to drain the funds through Tornado Cash ( TORN ). Infini is still working to recover the stolen assets. The hack drained almost $50 million from Infini’s wallet and was identified as the second biggest loss in Feb. by Certik. 

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Earn new token airdrops
Lock your assets and earn 10%+ APR
Lock now!