LaunchZone halts trading, transfer of native token following $700k hack

Key takeaways:

• LaunchZone, a decentralized finance (DeFi) protocol built on the BNB Chain, allegedly had stolen $700,000 worth of funds.
• After a hack depleted the liquidity pool by 80%, Launch Zone stopped dealing and transferring its native token, LZ, until further notice.

LaunchZone, a decentralized finance (DeFi) protocol built on the BNB Chain, allegedly had stolen $700,000 worth of funds. The project claims an attacker used an exploit.

After the LaunchZone liquidity pool was drained of more than 80% of its assets on February 27, information still needs to be provided. As a result, users were cautioned via Twitter not to purchase tokens until more data was gathered:

“$LZ is being hacked from DND exploiter. The team is handling the situation, please don’t buy the token at this stage. Please keep calm. We will update timely.”

Several various blockchain explorers’ data shows that as money was exchanged through PancakeSwap, the value of its native token LaunchZone (LZ), decreased by more than 80%. According to PeckShieldAlerts, the LZ token collapse started when someone dumped 9.88 million LZ tokens on Pancakeswap a few hours before Launch Zone disclosed the hack. 

The blockchain analytics company also alleged that the LZ hack was a component of a broader “in-the-wild hack” and urged users to revoke access to the questioned bsc address. But as of publication, Launch Zone has stopped dealing with and transferring its token until it can find a solution.

Please be informed that given the current situation, we have decided to pause the trading/transferring of $LZ token until the problems are solved. Thanks for your understanding and please keep updated! pic.twitter.com/CMz4I5V1wb

— LaunchZone (LZ.finance) (@launchzoneann) February 27, 2023

Launch Zone’s data reveals that the exploiter took $88,000 in BUSD and about $400,000 worth of LZ. However, further research showed that, according to information from blockchain explorers, the exploiter made off with about $700,000. How many tokens the hacker could exchange and send out before the protocol stopped dealing is unknown. Biswap DEX has revealed a delisting of the LZ token until further notice.

Dear Biswappers,

The $LZ token will be delisted within 5 hours due to its hack by the DND exploiter.

❗️Please, don’t make any $LZ transactions at this stage❗️

????The @launchzoneann team is handling the situation.
Stay safe with @Biswap_Dex. pic.twitter.com/sDesj4B8za

— Biswap (@Biswap_Dex) February 27, 2023

The BNB Chain ecosystem has struggled with leaks and exploits over the past year. A $100 million scam that attacked the BNB Chain in October 2022 resulted in a hard split. Attackers had exploited a cross-chain weakness.

A serious flaw was also found and reported to the BNB Chain team in February by Jump Crypto, a provider of Web3 infrastructure. Through fraudulent activities, the flaw could have enabled an attacker to create an infinite supply of tokens. The BNB team fixed the flaw before it was made public.