Today PeckShield detected that TitanoFinance get exploited and the exploiter gained about 4,828.7 BNB (~$1.9m). The exploiter’s funds were initially held in this wallet 0xAd9217e427ed9df8A89E582601a8614FD4F74563. They have been split into 23 addresses.
According to CertiK Security Leaderboard, they saw a price drop on the project TitanoFinance. According to them, $Titan has dropped more than > 80%. The owner minted 32M $TickTitano.
A Twitter account named Titan Summit Tweeted that “Hey everyone! The project is still alive and kicking, it seems it’s an issue with PLAY. The standard TAP protocol has no issues and is able to buy and sell. Please stay tuned for more updates. We notice that Certik has reported the PLAY incident on Twitter. The “owner” DID NOT mint any tokens. Instead, the PLAY contract was compromised, meaning a malicious hacker was able to create more Titano Tickets. Please bear with us as we work on securing your investment.”
As per TitanoFinance official Telegram channel, they informed everyone that as of now it looks like the Titano PLAY contract was compromised. TitanoFinance told everyone that if you are able to withdraw from Titano PLAY then they suggest people withdraw their funds as soon as possible. They informed people that this is NOT a rugpull. Liquidity is still locked and RFV and Treasury are still very much there. The standard TAP protocol is still safe and fine. This, however, is NOT OFFICIAL due to security concerns, they recommend not interacting with PLAY.
According to their Telegram channel announcement, they are investigating and will get back soon. The Standard protocol is completely unaffected and can buy and sell without issues.
Treasury address: 0x4DD90D3cE962039A3c66d613207aC2d449dFa04F
RFV address: 0x00dE99c90E8971D3E1c9cBA724381B537F6e88C1
They further said all team wallets are intact and liquidity is still locked. THIS IS NOT A RUG. Instead, PLAY may have been compromised but no official confirmation. In the meantime, they are asking people to please ensure their wallet is disconnected from any apps. Also, attempt to withdraw PLAY tokens.
They further said that since they are unable to estimate how far the smart contract for PLAY has been compromised, they recommend to NOT interacting with PLAY at all. Instead, highly suggest disconnecting the wallet, and removing any approvals. Note that PLAY and Titano are two separate contracts and your Titano is still SECURE AND SAFE.
TitanoFinance wrote a note to the hacker in their Medium post by stating, they know who the hacker is and where he is and they will be relentless in pursuing the hacker. They said they will give the hacker 24 hours to return the funds hacker stole with no penalty. If the hacker does not return the fund, the deal is off the table.
They even warned the hacker by saying the hacker should know TitanoFinance and many of their 42,000 strong Titan community have amazing contacts and a long reach, and they will not let the hacker rest because of what the hacker has done. TitanoFinance considers hacker actions not just an attack on Titano but against all of the DeFi companies who are committed to helping people to change their lives and find financial freedom. Further, the note said the hacker to do the right thing and return the money or the hacker will never be able to rest easy.