At 21:00 on July 15, 2022, Beijing time, the CertiK dynamic scanning monitoring system Skynet detected several suspicious transactions that caused the price of TIGER tokens to drop . After analyzing the transaction, the CertiK security team has confirmed that the Forest Tiger Pro project is a fraudulent project .
The platform claimed to be “the first DAO mechanism public chain platform developed by an international DAO organization to support the work of global technical teams in the form of donations”, but took about $2.5 million worth of assets from its community and claimed to “protect wild Animals, protect the ecological environment”.
Looking back at past transactions, it can be seen that the project manipulated the price of TIGER tokens by trading on the TIGER-BSC-USD liquidity pool 30 days ago . During this time, they exchanged TIGER tokens for $2.8 million in BSC-USD. Finally, the project was withdrawn from liquidity on July 13. At present, the project has stolen a total of about $2.5 million worth of assets as profits.
Rug Pull Evidence
- Initial token distribution:
At the time of deployment of TIGER tokens, 20 million TIGERs were sent to address 0xb526138727ca48726970b73b9adf9781faaaf2db and 500,000 TIGERs were sent to address 0xff494edf630fc0c4c9f44cb13eb929d494d46021
- The address 0xff494edf630fc0c4c9f44cb13eb929d494d46021 is the Rug Pull address:
① The operator transferred 35,000 TIGER to the following address: 0x151e0d1a58bfe8be721fc876adb252c9b58ce893
a. Add tokens and 1 million BSC-USD to the trading pool as liquidity 0x7dc35d4f133832502bc3c36a52213eb175da6ac1ff15553d57a6fd1f91bf5a58
b. Remove 1.5 million BSC-USD liquidity in the transaction 0xd72bdfc13adec524e45652321f247f0546470bc8520c2c54df96b9dbb939cff5
c. Replace BSC-USD with TIGER 0x151e0d1a58bfe8be721fc876adb252c9b58ce893
② 190,000 TIGERs were transferred to the following address and burned: 0xbdc93bd6a034a4ecd466281e3f6d14c308e9d9d7
③ 190,000 TIGERs were transferred to the following address and persisted in this address: 0xe15105cf27cc36cfdf77d732694cb25348c6c713
④ Address 0xff494edf630fc0c4c9f44cb13eb929d494d46021 added 2.6 million BSC-USD liquidity to the fund pool
a. Transaction 0x1465e26a1d8bcc811c7d35cf3d991e7d480bc18704a238eb55ebcb7aba325504 added 1.5 million BSC-USD
b. Transaction 0x15f761f34d5c08f58633f3521fe1dbd055a7dfedd9d552739dd556360ac00a70 added 500,000 BSC-USD
c. Transaction 0xcca2ebf33ca4e76c36f4bec93a715cbb95895096777caefb1c6c6a38277c458f added 600,000 BSC-USD
⑤ Address 0xff494edf630fc0c4c9f44cb13eb929d494d46021 removed 2.2 million BSC-USD liquidity 0xc03899a5384dea089c7ce6843230190c08f22fe8106a4e609a79c0b808539d93
- Address 0xb526138727ca48726970b73b9adf9781faaaf2db
① 18 million TIGERs were transferred to 0xe4070566a5034eca361876e653adf6a350206285 and kept in this address
② 150,000 was transferred to 0x26dedfb5ffcc1989135e9f95bf8a8eb1c5772091 and kept in this address
③ 18,000 was transferred to 0x22b2052af23df3c08f93d7103b49ffa2950e0571 and delivered to a different address
④ 31,000 was transferred to 0x50db88e08e08034a8d0c61295a8954cc8bcbc2bf and delivered to a different address
⑤ 2 million is transferred to 0x4ea66bfacec1a025d80e4df53071fd3d3a729318 and kept in this address
Where to go
- Regarding the address 0x151e0d1a58bfe8be721fc876adb252c9b58ce893 :
The address has an initial capital of 1 million BSC-USD and is added as liquid capital. Liquidity was subsequently removed and 1.3 million BSC-USD was sent to address 0x2b7f41d964f136138588998550841a2077471b5a
- Regarding address 0xff494edf630fc0c4c9f44cb13eb929d494d46021 :
The address exchanged TIGER tokens for 2.8 million BSC-USD and added 2.6 million BSC-USD to the pool as liquidity. Finally, send 2.2 million BSC-USD to 0x2b7f41d964f1361385888998550841a2077471b5a and remove liquidity.
The current total profit is about 2.5 million BSC-USD.
Rug Pull Suspicious Transaction
- 1.5 million BSC-USD liquidity removed: 0xd72bdfc13adec524e45652321f247f0546470bc8520c2c54df96b9dbb939cff5
- 2.2 million BSC-USD liquidity removed: 0xc03899a5384dea089c7ce6843230190c08f22fe8106a4e609a79c0b808539d93
- About 30 days ago, sold TIGER: 0xff494edf630fc0c4c9f44cb13eb929d494d46021
Rug Pull Address: 0xff494edf630fc0c4c9f44cb13eb929d494d46021
Profit recipient address: 0x2b7f41d964f136138588998550841a2077471b5a
write at the end
The incident can be found through security audit related risks.
During smart contract audits, CertiK’s security experts will find centralization issues in initial token distribution . To alleviate this problem, CertiK engineers will ask customers for tokenomics related documents and make suggestions on them.
The CertiK security team believes: Incidents like this highlight the need for a culture of transparency and accountability around Web 3.0 projects . This is why CertiK advocates a KYC team background check on the project team, and launched a KYC service earlier this year, which can reliably verify the identity and project background of project team members.
The warning of this incident has been broadcast on CertiK’s official Twitter for the first time. In addition, the CertiK official website https://www.certik.com/ has added a community warning function. On the official website, you can see various community warning information related to vulnerabilities, hacker attacks and Rug Pull at any time.
Recently, there has been a high incidence of Rug Pull attacks. Encryption project parties and users should be more vigilant and improve and audit the contract code in a timely manner.
In addition, technical teams should pay attention to security incidents that have occurred in a timely manner, and check whether there are similar problems in their own projects.
Posted by:CoinYuppie，Reprinted with attribution to:https://coinyuppie.com/behind-several-suspicious-transactions-detected-by-certik-skynet-another-fraudulent-project-forest-tiger-pro-has-been-confirmed/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.