-
SlowMist identifies a liquidity exploit vulnerability on Four.Meme, affecting its token launch and liquidity pool security.
-
The attacker exploited Four.Meme’s smart contract, adding liquidity at unintended prices and bypassing token restrictions.
-
The incident follows a February exploit that resulted in a $183,000 loss, highlighting ongoing security concerns on the platform.
SlowMist warns of a critical exploit on Four.Meme affecting liquidity pools, echoing past security breaches that challenge the trust in decentralized systems.
Exploit Details on Four.Meme
According to SlowMist, the attacker exploited a specific function within Four.Meme’s smart contract to purchase some tokens before their official launch. Utilizing the 0x7f79f6df function, the attacker sent these pre-launch tokens to a designated PancakeSwap pair address that had not yet been created.
This maneuver allowed the attacker to establish the pair and add liquidity without transferring the unissued tokens. Thus, they effectively bypassed the transfer restrictions that were active before the token’s official release.
Consequently, the attacker was able to add liquidity at an unintended price, resulting in the theft of pool liquidity.
“…why would the pool be emptied after the platform was fairly launched? If there is such a loophole, do all coins have this risk?” remarked Wick, a popular user on X.
This is not the first time Four.Meme has faced security challenges. In February, the platform suffered a significant exploit resulting in a loss of approximately $183,000. The attacker manipulated liquidity by creating a fake liquidity pool on PancakeSwap V3 before the legitimate pool’s opening.
They exploited vulnerabilities within the platform. In response, Four.Meme temporarily halted liquidity operations and assured users of fund security while implementing stronger protections.
The BNB chain meme coin platform issued an emergency announcement acknowledging a malicious attack. The team promptly intervened to address the issue, suspending the token liquidity pool (LP) launched on PancakeSwap to ensure security.
Implications for PancakeSwap and BNB Chain
The recent exploit on Four.Meme comes at a time when PancakeSwap, a leading decentralized exchange (DEX) on BSC, has been experiencing significant growth. In February 2025, PancakeSwap reached a trading volume of $81 billion, the highest since 2021, pushing its total cumulative volume beyond $1.1 trillion.
This surge was fueled by BNB Chain’s recovery and the growing interest in meme coins, with PancakeSwap dominating 90% of BNB Chain’s DEX market share.
PancakeSwap DEX Cumulative Volume and Trader By Chain. Source: Dune dashboard
However, security incidents like the one involving the Four.Meme platform highlight the vulnerabilities within the ecosystem. They also stress the need for strong security measures to protect user funds and maintain trust in decentralized platforms.
As the popularity of meme coins and decentralized finance (DeFi) platforms continues to rise, ensuring their security and integrity become increasingly critical.
Users should exercise caution and conduct thorough due diligence before engaging with new projects. On the other hand, platform developers must prioritize security to safeguard user assets and uphold the credibility of the DeFi ecosystem.
Conclusion
The recent liquidity exploit at Four.Meme underscores the navigating challenges within the rapidly evolving crypto landscape. As platforms strive to balance innovation with security, stakeholders must uphold best practices to prevent similar occurrences in the future. Enhancing security measures is not just a reactive strategy; it is essential for preserving the integrity of the growing DeFi sector.
