Four.Meme Resumes Operations After Sandwich Attack That Drained $120,000

The BNB Chain-based memecoin launch platform has restored its operations after suffering a sandwich attack that resulted in an estimated $120,000 loss.

Four.Meme, a BNB Chain-based memecoin launch platform, has reportedly restored its operations after suffering a sandwich attack that resulted in an estimated $120,000 loss.

On March 18, Four.Meme announced on X that its launch function was back online following a security review. The platform had temporarily suspended the function earlier in the day to investigate what it described as being “under attack.”

“The launch function has now been resumed after a thorough security inspection. Our team has addressed the issue and reinforced system security. Compensation for affected users is underway,” the Four.Meme team stated.

The post added that the platform was cooperating fully with relevant parties to identify and mitigate any risks involved.

However, Web3 security firm ExVul identified the exploit as a sandwich attack, a market manipulation tactic where an attacker attempts to execute trades immediately before and after another user’s transaction to inflate trading costs.

According to ExVul, the attacker pre-calculated an address to create a liquidity pool’s trading pair and then leveraged one of Four.Meme’s functions to purchase tokens—bypassing the platform’s built-in token transfer restrictions.

“The hacker lay in wait for Four.Meme to add liquidity to the transaction, ultimately siphoning off the funds,” ExVul explained.

A Deep Dive Into The Attack

Meanwhile, blockchain security firm CertiK arrived at a similar conclusion, noting that the attacker manipulated the launch process by transferring an imbalanced number of unlaunched tokens to designated liquidity pair addresses.

Once the token was officially launched, the attacker inflated the price and sold the tokens at a profit.

One example cited was the SBL token, where the attacker sent a small amount of SBL to the pre-calculated pair address and then profited 21.1 BNB by sandwiching the liquidity-adding transaction at launch.

This marks the second exploit on Four.Meme in just over a month. On February 11, the platform suffered a separate attack that led to losses of $183,000 worth of digital assets.

The incident comes amid a broader wave of crypto-related exploits. In February alone, cybercriminals stole $1.53 billion through scams and hacks, with the $1.4 billion Bybit exploit accounting for most of the losses.

According to Chainalysis, crypto crime is becoming more sophisticated, with AI-driven scams, stablecoin laundering, and coordinated cyber syndicates contributing to a $51 billion illicit transaction volume over the past year.