30s Summary
Pump Science, a decentralized science system, inadvertently leaked its private keys onto GitHub, allowing a hacker to create counterfeit tokens. Warning users not to trust any new tokens from their compromised Pump.fun profile, they changed their profile name to “dont_trust” and are working with blockchain security firm Blockaid to prevent further issues. The organization blamed software company BuilderZ for some of the mess. Moving forward, Pump Science commits to thorough audits, penetration testing, and improved key management and security.
Full Article
Pump Science, a decentralized science system, recently realized their private key got slipped onto GitHub by mistake. This mess-up let a bad guy sneak in and create some fake tokens using Pump Science’s profile on Pump.fun. Benji Leibowitz from Pump Science admitted it was a massive screw-up during an online AMA (Ask Me Anything) session and assured it won’t happen again. No more tokens will be launched by them on Pump.fun after this foul-up.
In earlier posts, Pump Science revealed that the private keys associated with their Pump.fun profile were accidentally leaked onto GitHub. This gave the hacker a chance to use them and create new counterfeit tokens. They advised not to trust any new tokens launched from their Pump.fun profile because they’re not legit, and the profile has been compromised.
To stop people from buying the misleading tokens, Pump Science changed its profile name to “dont_trust”. They’ve also joined hands with Blockaid, a blockchain security firm, to keep an eye out for any false mints coming from this account.
Pump Science did pass some blame onto BuilderZ, a software company, for accidentally leaving the private key for the developer wallet in its GitHub codebase. This caused a whole mix-up between the test wallet and dev wallet. But Pump Science reckons that the hacker is probably the same person or group that previously hacked a wallet owned by James Pacheco – founder of a commodity tokenization platform.
To prevent this from happening again, the Pump Science team went on to say that they will carry out a full audit of their front end, run a bug bounty for penetration testing of the protocol, and scout out better options for key management and security. Any new tokens will only be launched after thorough checks are done to ensure everything is secure and tight.
Pump Science’s platform basically lets people trade tokens that are tied to medicines. Its only two tokens are Rifampicin (RIF) and Urolithin A (URO), used for tuberculosis and as a dietary supplement, respectively. They have market caps of $85.6 million and $37.2 million, respectively.