Search Inside Bitcoins

RocketSwap Hacker Uses $870,000 Stolen Ethereum to Create Meme Coin $LoveRCKT

Don’t invest unless prepared to lose all the money you invest. This is a high-risk investment, you shouldn’t expect to be protected if something goes wrong.

RocketSwap Attack
RocketSwap Attack

Join Our Telegram channel to stay up to date on breaking news coverage

A hacker stole $870,000 worth of Ethereum tokens from RocketSwap on Base and used the haul to set up a meme coin on Uniswap.

The development was revealed by security firm PeckShield in a tweet. It said RocketSwap, a decentralized exchange built on Coinbase’s new Layer 2 blockchain Base, lost 471 ETH, which the hacker had bridged from Base to Ethereum.

RocketSwap Hacker Launches a MemeCoin

The hacker quickly created a meme coin named $LoveRCKT with 90 trillion tokens. Meme coins are tokens inspired by internet memes or things that resonate with a certain community in the crypto space. The market’s largest meme coins by market capitalization are Dogecoin (DOGE) and Shiba Inu (SHIB).

To give them value, the hacker used 400ETH from the stolen lumpsum for liquidity on Uniswap. Despite its infamous origins, its price rose from $0.00000001 to $0.00000003 in one day. It then plunged more than 90% to trade at $0.0000001086.

RocketSwap faced accusations from users who claimed that the attack was orchestrated internally and was a rug pull. The decentralized exchange held its ground saying that the hacker was a third-party player who had managed to compromise the exchange’s systems.

RocketSwap Denies Rug Pull Allegations

According to RocketSwap, the platform’s farms, specialized pools that provide additional yield in the protocol’s native RCKT tokens for liquidity providers, first had an anomaly that the teams detected and investigated.

An hour later, the exchange reported that its cloud servers had suffered a “brute force hack” that exposed its private keys which granted the hacker access to the yield farms.

“We are sorry to inform you that the team needed to use offline signatures when deploying the launchpad and put the private keys on the server. A brute force hack of the server was detected, and due to the proxy contract used for the farm contract, there were multiple high-risk permissions that led to the transfer of the farm’s assets,” RocketSwap said.

The attacker emptied the farm holding RCKT and Wrapped Ethereum (WETH) and later converted the RCKT tokens to about 471 ETH worth $866,500. This prompted the team to shut down the farm and revoke the “minting rights” for new positions.

Since the attack, RocketSwap has called for the hacker to return the assets stolen. RocketSwap also outlined its emergency plan, which includes redeploying a new farm contract and open-source it on-chain as well as relinquishing minting rights of RCKT.

Base’s Security Concerns

Base, which was incubated by crypto exchange Coinbase, is becoming known for cybersecurity attacks despite having been launched to the public just in July. Prior to the launch, the platform was exclusively accessible to developers resulting in over $200 million worth of assets being transferred over to Base from Ethereum.

The RocketSwap attack follows a hack on another decentralized exchange, LeetSwap, which resulted in a $630,000 loss on July 31. These consecutive breaches have raised concerns within the crypto community about the Base network’s security and associated decentralized applications considering how anticipated its launch was. 

Related Articles

Smog (SMOG) - Meme Coin With Rewards


Smog token
  • Airdrop Season One Live Now
  • Earn XP To Qualify For A Share Of $1 Million
  • Featured On Cointelegraph
  • Staking Rewards - 42% APY
  • 10% OTC Discount -
Smog token

Join Our Telegram channel to stay up to date on breaking news coverage

Read next