RocketSwap Hacker Uses $870,000 Stolen Ethereum to Create Meme Coin $LoveRCKT

Updated: 16 August 2023

Disclosure

Don’t invest unless prepared to lose all the money you invest. This is a high-risk investment, you shouldn’t expect to be protected if something goes wrong.

Join Our Telegram channel to stay up to date on breaking news coverage

A hacker stole $870,000 worth of Ethereum tokens from RocketSwap on Base and used the haul to set up a meme coin on Uniswap.

The development was revealed by security firm PeckShield in a tweet. It said RocketSwap, a decentralized exchange built on Coinbase’s new Layer 2 blockchain Base, lost 471 ETH, which the hacker had bridged from Base to Ethereum.

#PeckShieldAlert The @RocketSwap_Labs exploiter has grabbed ~471 $ETH and bridged them from #Base to #Ethereum, and then created the token $LoveRCKT, the exploiter already supplied 90T $LoveRCKT and 400 $ETH to #Uniswap https://t.co/z12YlLjbsn pic.twitter.com/Wxaph6lcuD

— PeckShieldAlert (@PeckShieldAlert) August 15, 2023

RocketSwap Hacker Launches a MemeCoin

The hacker quickly created a meme coin named $LoveRCKT with 90 trillion tokens. Meme coins are tokens inspired by internet memes or things that resonate with a certain community in the crypto space. The market’s largest meme coins by market capitalization are Dogecoin (DOGE) and Shiba Inu (SHIB).

To give them value, the hacker used 400ETH from the stolen lumpsum for liquidity on Uniswap. Despite its infamous origins, its price rose from $0.00000001 to $0.00000003 in one day. It then plunged more than 90% to trade at $0.0000001086.

RocketSwap faced accusations from users who claimed that the attack was orchestrated internally and was a rug pull. The decentralized exchange held its ground saying that the hacker was a third-party player who had managed to compromise the exchange’s systems.

This is only a problem with the farm contract, the team has urgently eliminated the loophole, and DEX has not been affected in any way

No need to run away, your funds are safe https://t.co/Evh89zDTms

— RocketSwap (@RocketSwap_Labs) August 15, 2023

RocketSwap Denies Rug Pull Allegations

According to RocketSwap, the platform’s farms, specialized pools that provide additional yield in the protocol’s native RCKT tokens for liquidity providers, first had an anomaly that the teams detected and investigated.

An hour later, the exchange reported that its cloud servers had suffered a “brute force hack” that exposed its private keys which granted the hacker access to the yield farms.

“We are sorry to inform you that the team needed to use offline signatures when deploying the launchpad and put the private keys on the server. A brute force hack of the server was detected, and due to the proxy contract used for the farm contract, there were multiple high-risk permissions that led to the transfer of the farm’s assets,” RocketSwap said.

As a result of the team's investigation

We are sorry to inform you that the team needed to use offline signatures when deploying the launchpad and put the private keys on the server.
A brute force hack of the server was detected, and due to the proxy contract used for the farm…

— RocketSwap (@RocketSwap_Labs) August 14, 2023

The attacker emptied the farm holding RCKT and Wrapped Ethereum (WETH) and later converted the RCKT tokens to about 471 ETH worth $866,500. This prompted the team to shut down the farm and revoke the “minting rights” for new positions.

Since the attack, RocketSwap has called for the hacker to return the assets stolen. RocketSwap also outlined its emergency plan, which includes redeploying a new farm contract and open-source it on-chain as well as relinquishing minting rights of RCKT.

The emergency programme agreed upon by the team is as follows.

1. We plan to redeploy a new farm contract by dropping the proxy contract and open sourcing it on-chain.

2. The new farm will advance the production reduction plan by 0.075 per block.

3. The team relinquishes…

— RocketSwap (@RocketSwap_Labs) August 15, 2023

Base’s Security Concerns

Base, which was incubated by crypto exchange Coinbase, is becoming known for cybersecurity attacks despite having been launched to the public just in July. Prior to the launch, the platform was exclusively accessible to developers resulting in over $200 million worth of assets being transferred over to Base from Ethereum.

The RocketSwap attack follows a hack on another decentralized exchange, LeetSwap, which resulted in a $630,000 loss on July 31. These consecutive breaches have raised concerns within the crypto community about the Base network’s security and associated decentralized applications considering how anticipated its launch was.