Four.Meme Resumes Operations After Sandwich Attacker Stole $120,000

The BNB Chain-based memecoin launch platform Four.Meme has resumed operations after being hit with a sandwich attack that exploited it for around $120,000.

Four.Meme, a BNB Chain-based memecoin launch platform, has resumed its launch function after being hit with a sandwich attack that exploited it for around $120,000, a crypto security firm said.

The launch function was back after inspecting and addressing a security issue, Four.Meme said in an March 18 X post.

It had earlier suspended the function to investigate it, saying it was “under attack.”

“The launch function has now been resumed after a full security inspection. Our team has addressed the issue and reinforced system security. Compensation for affected users is imen. Space available for full integration.”

But Web3 security firm ExVul said in an X post that the exploit appeared to be a market manipulation technique known as a sandwich attack. It said the attacker “pre-calculated the address for creating the liquidity pool’s trading pair” and utilized one of Four.Meme’s functions to purchase tokens, which successfully bypassed the platform’s token transfer restrictions.

“Subsequently, the hacker lay in wait for Four.Meme to add liquidity to the transaction, ultimately siphoning off the funds,” ExVul added.

Blockchain security firm CertiK came to a similar conclusion and said the attacker transferred an imbalanced amount of un-launched tokens to pair addresses before the pair was created, then manipulated the price at launch to sell them afterward for profit.

“In this case of SBL token, for example, the attacker sent a bit of SBL token to the pre-calculated pair address in advance, then profited 21.1 BNB by sandwiching the add liquidity transaction at launch.”

The tactic saw the attacker leave with at least 192 BNB (BTCUSD,) which they sent to the decentralized crypto exchange FixedFloat, according to CertiK.

It’s the second time that Four.Meme has been attacked in as many months, with a Feb. 11 exploit resulting in the loss of about $183,000 in digital assets.

Across the broader crypto industry, February saw $1.53 billion in losses to scams, exploits and hacks, with the $1.4 billion Bybit hack accounting for the lion’s share.

Blockchain analytics firm Chainalysis says the past year saw $51 billion in illicit transaction volume, partly due to crypto crime entering a professionalized era dominated by AI-driven scams, stablecoin laundering, and efficient cyber syndicates.