Currencies38131
Market Cap$ 2.28T+0.28%
24h Spot Volume$ 25.62B-21.4%
DominanceBTC56.34%+0.06%ETH9.61%+1.33%
ETH Gas0.17 Gwei
Cryptorank
/

Pump Science apologizes after GitHub key leak leads to fraudulent tokens


Pump Science apologizes after GitHub key leak leads to fraudulent tokens

Share:

Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Pump Science, a decentralized science platform, has apologized to its users after its private key was inadvertently exposed on GitHub. The leaked private key, T5j2UB…jjb8sc, allowed a ‘known attacker’ to hijack the wallet and create fraudulent tokens tied to its Pump.fun profile. 

In a series of X posts from November 25 to November 27, Pump Science disclosed the security breach on one of its wallet addresses and asked its users not to trust any tokens released on its Pump.fun profile. The platform even changed its Pump.fun profile name to “dont_trust” to warn users not to buy any newly launched tokens.

Pump Science revealed the security attack on one of its wallet addresses

The company clarified that the private key, T5j2UBTvLYPCwDP5MVkSALN7fwuLFDL9jUXJNjjb8sc, linked to their Pump.fun profile, was compromised, allowing ‘the known attacker’ to launch fraudulent Urolithin (URO) and Rifampicin (RIF) tokens.  

Pump Science’s Benji Leibowitz, on November 27, in an X AMA session, said, “We do not want to diminish how much of a screw-up this was; we totally acknowledge that this is a huge issue and misstep on our part,” apologizing to the platform’s users.

Benji further guaranteed that such incidents would never occur again and stated that the platform would no longer release tokens on Pump.fun.

Moreover, the DeSci platform has maintained that security will be its top priority. It plans to incorporate consultative and competitive audits on its application and smart contracts. Once all necessary audits are done, any new tokens will be launched next year.

It is even working with blockchain security firm Blockaid to track any new mints from the compromised address.

Pump Science has its suspicions on who the attacker could be

Pump Science pointed to BuilderZ, a Solana-based software company, as partly at fault for the incident. They blamed the firm for leaving the private key for the developer wallet “T5j2U…jb8sc” exposed in their GitHub repository and mistakenly believing it belonged to a test wallet.

However, they explained that, after analyzing the techniques used to launch tokens on Solana’s chain, they did not think BuilderZ was the attacker. 

Pump Science instead believes that the hacker could be the same person or group of people who hacked a wallet owned by James Pacheco, a founder of Solana-based commodity tokenization platform “elmnts.”

Land a High-Paying Web3 Job in 90 Days: The Ultimate Roadmap

Read the article at CryptoPolitan

In This News

Coins

$ 0.00717

+0.71%

$ 0.0408

$ 0.000207

$ 77.72

0%

$ 0.0245


Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Share:

In This News

Coins

$ 0.00717

+0.71%

$ 0.0408

$ 0.000207

$ 77.72

0%

$ 0.0245


Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Share:

Read More

Solana (SOL) Price Outlook 2026-2030: Technical Analysis and Long-Term Forecast

Solana (SOL) Price Outlook 2026-2030: Technical Analysis and Long-Term Forecast

BitcoinWorld Solana (SOL) Price Outlook 2026-2030: Technical Analysis and Long-Term ...
Bitcoin, Solana, and Hyperliquid Show Promise for July Upside — Here’s Why

Bitcoin, Solana, and Hyperliquid Show Promise for July Upside — Here’s Why

Data from CryptoQuant reveals that, despite the market's struggle with bearish sentim...