A new exploit has rocked PancakeSwap, the largest decentralized exchange (DEX) on the BNB Chain, as an attacker manipulated Four.meme, a memecoin project, to drain liquidity.
The exploit, revealed by SlowMist, highlights critical security flaws in DeFi platforms, raising concerns over how pre-launch restrictions can be bypassed.
What is Four.meme and How Was It Exploited?
Four.meme is a BNB Chain-based memecoin that recently launched with growing community interest. Like many new tokens, it implemented transfer restrictions (MODE_TRANSFER_RESTRICTED) before its official trading began. However, according to SlowMist, an attacker found a loophole using the 0x7f79f6df function, allowing them to buy a small number of tokens before launch.
Instead of waiting for the official trading window, the attacker sent these tokens to a PancakeSwap Pair address that had not yet been created. This move enabled them to establish liquidity on their own terms, sidestepping the contract’s built-in restrictions.
With control over the token’s initial pricing, the attacker manipulated the liquidity pool and drained its funds. Moreover, Blockchain records confirm the exploit, with transaction details available on BscScan.
Commenting on the incident, @EUGeneFreeman noted that it serves as “a crucial reminder of the complexities in token launches and the need for robust security measures to prevent such vulnerabilities.” As DeFi adoption grows, developers and exchanges face increasing pressure to address these risks and safeguard user funds.
PancakeSwap Faces Another Liquidity Breach
This is not the first time PancakeSwap has seen a liquidity drain. In November 2022, developers of the pNetwork bridge executed a so-called “white hat” exploit, draining $4.3 million from PancakeSwap due to a smart contract flaw. At the time, the pNetwork team claimed the move was necessary to secure user funds before redeploying their contract.
The latest Four.meme exploit comes at a time when PancakeSwap is experiencing significant growth. The DEX recently benefited from a surge in memecoin trading and its V4 upgrade, which pushed its CAKE token price higher. Cybertecwiz reported on PancakeSwap’s booming activity, highlighting its role as a key platform for DeFi traders.
As PancakeSwap continues its expansion on the BNB Chain, security incidents remain a challenge. The Four.meme exploit highlights how liquidity manipulation tactics can be used to bypass token restrictions, raising concerns within the DeFi community.
