Table content
**Pond.fun Suffers Intrusion by Internal Source; Chainalysis and Elliptic Collaborate to Halt Finances**
Pond.fun, a meme token launchpad on Linea, has experienced a cyberattack, with the offender recognized as the project’s personal chief software programmer.
In a formal declaration on X, Pond.fun disclosed that the platform was compromised earlier today, with both on-chain and off-chain proof directing to a software programmer on the Pond.fun crew. Users have been cautioned to avoid engaging with pond.fun in any way, including the efrogs and croak websites, for security reasons. However, Discord and Telegram are said to remain safe.
The assailant unlawfully exhausted liquidity from Pond.fun’s smart contracts, transferring the tokens to Railgun, a privacy protocol that enables unknown transactions on the blockchain. A list of mainnet addresses that received and deposited the stolen assets, totaling 64.8 ETH, has been issued.
To follow the unlawful crypto transactions and prevent the stolen finances from exiting through Proof of Innocence (POI), Pond.fun has collaborated with blockchain analytics firms Chainalysis and Elliptic. Some centralized exchanges and other “legitimate” channels require users to supply POI when using Railgun. Failure to pass POI verification would prevent the hacker from withdrawing finances from Railgun.
This occurrence is comparable to the recent Infini stablecoin bank hack, which was also carried out by an internal source. A developer who helped configure the smart contracts retained administrative privileges and used them to transfer finances through Tornado Cash (TORN). Infini is still working to recover the stolen assets.
The Infini hack resulted in the theft of nearly $50 million from Infini’s wallets and was identified by Certik as the second-largest loss in February. Toncoin (TON) Value Forecast for March 26th
