Back to all stories
Slippery Rug: The Uncontrolled Launch of Smashcash
1/8/2024
Project name: Smashcash
Project type: Token
Date of exploit: Feb 13, 2023
Asset loss: ~45.6 BNB
Vulnerability: Initial Token Distribution
Date of audit report publishing: Dec 30, 2021
Conclusion: In Scope
Details of the Exploit
Background
Smashcash is an ERC-20 token contract deployed on Binance Smart Chain.
Nature of the Vulnerability
- While the token contract deployment, the Smashcash distributed the token as follows:
- The following wallets sell the tokens and gain ~45.6 BNB as profit:
CertiK Audit Overview
Conclusion
On Feb 13, 2023, Smashcash was reported with a potential rug pull implanted within the initial token distribution, where the wallets that received the initial distribution sold the tokens for ~45.6 BNB. The vulnerability is related to the initial token distribution that the project controlled most of the tokens and can be sold without restriction.
References
Deployment address: 0x3d0e93bfcb8fb46331ea8c98b6ab8c575ab424c3
Related Stories
On 24 February, GambleFi project RiskOnBlast is thought to have become the first confirmed exit scam to occur on the Blast ecosystem, a layer-2 project on Ethereum.
3/29/2024
In this post, we detail a certain type of rug pull wherein scammers apparently create tokens out of thin air before dumping them on unsuspecting investors.
3/19/2024
On 6th January 2024, the MangoFarmSOL project conducted an exit scam leading to losses estimated around ~$1.32 million which is the largest exit scam that we have investigated in 2024 so far.
2/22/2024
