Open in app

Sign in

Write

Sign in

Dogechain’s ecological DoglandsDC project swept ~$204K in Rug Pull

QuillAudits - Web3 Security 🛡️
3 min readJan 31, 2023

In brief⚡

Events Under the Spotlight💥

~$204K funds swept away from the DoglandsDC project

  • Dogechain ecological multi-purpose GameFi and DeFi agreement Doglands pulled an exit scam for ~$204K.
  • The contract addresses on the project chain are 0x106E6a2D5433247441c1Cdf4E3e24a0696a46d0, 0x12b17, and 0x0e815, and they drain all of the reserves in the LP tokens, totalling approximately $204000.
  • The funds have now been transferred to Ethereum and distributed to multiple addresses via a cross-chain bridge. Doglands’ official Twitter and website have been deactivated.

Abnormal additional issuance of FFF tokens caused a loss of ~$1M

  • An unusual additional issuance event has occurred for the FFF token deployed on BSC. More than $20.103 million in FFF tokens were sold during the additional offering.
  • The administrator of the original project party sets the additional issuance permission of some contracts and the additional issuance quota before cancelling the owner permission. The additional issuance quota is 0x211654585005212800000 /10**18 = 2,500,000.
  • The original owner upgrades the additional issuance contract, changes its code logic, and then calls the additional issuance contract for additional issuance before it begins.
  • All additional tokens were transferred to the address at the start of the address 0xB6F and sold, totalling approximately $103.64 million in FFF tokens sold (sold as USDT).

Kevin Rose suffers losses as a result of a wallet hack.

  • Kevin Rose, the founder of Digg and entrepreneur, lost many expensive NFTs after signing a malicious transaction.
  • The hacker stole 25 Squiggles NFTs, trading at a floor price of 13.3 ETH, putting the estimated cost at around 332.5 ETH ($519,000).
  • Rose paid between 6.3 and 16 ETH ($10,000 to $25,000) for each Squiggle.
  • The hacker also stole an Autoglyph NFT, rarely traded but recently sold for around 200 ETH ($312,000). Rose had been trying to sell his Autoglyph for 345 ETH ($539,000) but had yet to find a buyer.

UniswapV2Pair WETH-BCI lost ~$11K due to a contract vulnerability.

  • UniswapV2Pair WETH-BCI was attacked in numerous TXs, resulting in a loss of ~$11K due to flawed logic in the BCI token contract’s internal _transfer() function, i.e., it burns 1% of the pool’s BCI tokens every 10 minutes (triggered by a transfer).
  • The attacker first exchanged a large number of BCI tokens from the pair, then transferred a small number of BCI tokens to the pair every 10 minutes to force them to burn from the pool, inflating the value of BCI tokens.
  • The attacker eventually returned the WETH for a profit.

Trending Blog of the Week🚀

Hashingbits
Defi
Blockchain
Rugpull

--

--

QuillAudits - Web3 Security 🛡️

Written by QuillAudits - Web3 Security 🛡️

910 Followers

Smart Contract Auditing Experts , Making web3 a safer place . audits@quillhash.com

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams