Swaprum, a decentralized exchange built on the Arbitrum network, has allegedly conducted a rug-pull on its users, swiping $3 million worth of customer deposits from the platform. A rug-pull or exit scam occurs when a seemingly legitimate project ropes in a certain amount of investment or user deposits before promptly shutting everything down, pulling the capital and vanishing off into the distance. According to blockchain security firm Peck Shield, the bad actors swiped 1,628 Ether worth roughly $2.95 million from Swaprum’s liquidity pools, bridged it to Ethereum, and then “laundered” almost all of those funds through crypto mixer Tornado Cash. Following the incident, Swaprum’s Twitter, Telegram, and Github accounts have all been deleted, however, the website is still operational at the time of writing. A fellow blockchain security firm, Beosin, claimed that the “deployer of Swaprum used the add() backdoor function to steal LP [liquidity provider] tokens staked by users, then removed liquidity from the pool for profit”. The developers allegedly “upgraded the normal liquidity collateral reward contract to a contract containing backdoor functions”. As per CertiK’s disclaimers, it “conducts security assessments on the provided source code exclusively,” and can’t guarantee that its recommendations are integrated. In the audit, CertiK flagged a “major” issue with how centralized Swaprum was.
About the author - J-S Tremblay
I've been involved in the cryptocurrency world since 2016 and trading since 2019. I started Moon and Lambo in 2021. I'm passionate about crypto and love to share my knowledge. I hate bankers and I hope that cryptocurrency will change the financial world for the better. View full profile...
View J-S Tremblay website
