First Metaswap, Now MetaDAO Rug Pulled: 800 ETH Lost

Key Takeaways:

PeckShield, a reputable blockchain security firm, warned investors of a possible rug pull after MetaSwap’s MGAS token lost just under 47% of its value.
When crypto developers abandon a project and flee with investors’ money, this is known as a rug pull.
NFT swaps were possible using the MetaSwap protocol on Binance Smart Chain, Ethereum, and Polygon.

First Metaswap, Now Metadao Rug Pulled: 800 Eth Lost — First Metaswap, Now MetaDAO Rug Pulled: 800 ETH Lost

Rug pulls are especially popular in the decentralized finance (DeFi) ecosystem, where people may readily exchange cryptocurrency without using an intermediary. Tokens can be created on DeFi for a low cost and then listed on decentralized exchanges (DeX). Because these exchanges do not require code audits, this is the case. Third-party organizations do code audits on a token’s smart contract to ensure no flaws. There is very little insight into the legitimacy of a cryptocurrency token without a code audit.

This morning, PeckShield discovered MetaSwap carpets being pulled and transferred stolen cash to Tornado Cash (1,100 BNB).

“Do not cancel this contract, and if you have, withdraw as quickly as possible.”

To learn more, read this.

Clients of the platform formed a Telegram group to hire experts to discover project organizers and recover assets.

Another protocol, MetaDAO, has also been targeted by the rug pull scam, according to PeckShield. The total loss was 800 ETH ($ 3.25 million).

The assets are directed to Tornado Cash, just like Metaswap Gas.

They have also removed their Medium posts – https://t.co/DGyIrHRphn
— Arijit Sarkar (@askposs) December 27, 2021

To all the holders of $MGAS #Metaswap #MetaswapGas, here's a group you can join where old holders like me are doing some discussions about #MGAS. I read some updates too. https://t.co/MmXiBDJvW8
— H O D L !!! (@AAAIGOOOOO) December 27, 2021

Several crypto units were hit by a series of attacks in December, resulting in a total loss of about $ 600 million. Bent Finance took the initiative on December 21 to persuade investors to withdraw assets once it was confirmed that a pool was being liquidated.

1/ There was an exploit from the bent deployer address, it added balance of cvxcrv and mim to an address on an unvierifed update 20 days ago. We just discovered this today. There are multiple members on this team and we will make this right.
— Bent Finance ???????? (@BENT_Finance) December 21, 2021

Like previous victims of the crypto community such as Grim Finance, BitMart, and AscendEX, Bent Finance committed to restoring all stolen cash to its investors. However, the squad has yet to announce a strategy for this:

“We recommend you withdraw from the protocol until further notice. We are not going anywhere and will recover from this one way or another.”

McGill discovered that the attack could have started as early as December 12 after completing an inquiry. This contradicts Bent Finance’s allegation that the attacker had been on their system since December 1.