Bondly - REKT
In which Bondly battles the infinite mint.
Founded in November 2020, Bondly Finance was a multi-service NFT platform.
Their token holders are now at a loss, due to an infinite mint exploit in which the attacker made a profit of $5.9 million.
As always, this may have been a rug pull, but this was not just your standard foodcoin farm.
Bondly had built up a decent following, with ~47k followers on Twitter, investment from Binance, and partnerships with reasonably sized celebrities.
Those celebrities included Logan Paul, whose brother Jake Paul was also affected by the Chainswap exploit just days ago.
Influencers - rekt.
The Bondly Finance website details their work with the PolkaPets Trading Card Game, as well as their other work with digital collectibles, brands, influencers, and artists.
If you’re into that sort of thing, then by most measurements, Bondly were doing well.
Now they are not.
Mint address: 0x58a058ca4b1b2b183077e830bc929b5eb0d3330c
Associated wallet: 0xc433d50dd0614c81ee314289ec82aa63710d25e8
The market had no need for 373 million new BONDLY tokens, so when the malicious actor minted and began to dump 100,000 of them at a time, the price of BONDLY fell by 80%.
$4.8 million DAI was sent to Tornado, and $1.1 million in DAI and BONDLY remains on the address at the time of writing.
The Bondly announcement tweet claims the wallet was compromised by an unknown party.
Was it an external attacker, or the Bondly team, who took inspiration from the case of Paid Network?
How will Bondly recover from this incident?
Many protocols now attempt some form of compensation after an attack, but when we asked our Telegram group whether this should always be expected, our readers' feedback was not unanimous.
With such an established userbase, it would be a shame if Bondly Finance, didn’t live to die another day.
Although this is their first time on the rekt leaderboard(#28), we’ll never say never again, as DeFi is a casino royale, where the hackers don’t need a licence to kill.
From rekt.news with love.
REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.
donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C
REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.
you might also like...
Jimbo's Protocol - REKT
Jimbo’s Protocol was hit with a flash loan attack in the early hours of Sunday, losing $7.5M. The team have sent the attacker an ultimatum. But for now, Jimbo is stuck in limbo.
Tornado Cash Governance - REKT
Cypherpunks strive to become ungovernable... but not like this. Tornado Cash's governance has been taken hostage via a trojan horse proposal. But now the hacker is proposing reversing the effects of their exploit. Hopefully this all turns out to be just a storm in a teacup.
Swaprum - REKT
Swaprum, an Arbitrum-based DEX, pulled the rug for $3M on Thursday. Certik, the project's auditor, has since updated Swaprum’s security score to “Exit Scam”. Too little, too late?