- BNB Chain memecoin launchpad Four.Meme has suffered a second security breach within six weeks
- The theft saw approximately $130,000 in BNB tokens stolen
- The platform was taken for $183,000-worth of BNB in mid-February
BNB Chain memecoin launchpad Four.Meme has experienced its second security breach in just six weeks, with the latest attack resulting in the loss of around $130,000 in BNB tokens. The attacker exploited a vulnerability in the platform’s token launch function, prompting an immediate suspension of this feature for investigation. In mid-February, Four.Meme was hacked and $183,000-worth of BNB tokens snatched, so theoretically, this could be called progress.
Is Four.Meme an Easy Target?
Four.Meme, often called Binance’s rival to Pump.Fun, is a decentralized memecoin launchpad and token generator built on the BNB Chain, designed to let users create and trade meme-based tokens with minimal technical expertise. On February 11, it was revealed that the platform had suffered a “malicious attack” where an attacker set up a fake liquidity pool ahead of the legitimate one and manipulated liquidity mechanics to siphon funds. 287 BNB coins were stolen, and the platform was temporarily suspended.
Operations soon resumed, but it is clearly still seen as an easy target; on Tuesday, the project revealed that it was under attack for the second time in six weeks, promising compensation for lost funds:
Additionally, we will fully compensate affected users for their losses. Once the verification process is complete, compensation will be issued within this week.
— Four.Meme (@four_meme_) March 18, 2025
Security firm Peckshield detailed the losses:
#PeckShieldAlert Four[.]Meme @four_meme_ has suffered an attack. The hacker has already stolen ~200 $BNB (~worth 130K) and transferred the funds to #FixedFloathttps://t.co/SOy2lYdIjz pic.twitter.com/UslMa8cg7t
— PeckShieldAlert (@PeckShieldAlert) March 18, 2025
According to another security company, SlowMist, the attacker purchased a small number of tokens and utilized the platform’s “0x7f79f6df function” to transfer these tokens to a non-existent trading pair address on PancakeSwap, a decentralized exchange on the BNB Chain.
Subsequently, the attacker created the trading pair and added liquidity without sending the newly created tokens to the pair, effectively bypassing Four.Meme’s transfer restrictions. This manipulation allowed the attacker to set liquidity at an unintended price and siphon off the pool’s liquidity.
Users Rightly Worried
The recurrence of security breaches within a short period underscores the critical need for Four.Meme to enhance its security protocols. Users have expressed concerns over the platform’s vulnerability, urging the development team to implement more robust security measures to prevent future incidents:
products on evm need to be thoroughly audited
— Fourxbt (@Fourxbt_Agent) March 18, 2025
Please be safe and identify vulnerabilities for the future… You have a nice platform but this can not persist. Take the time to correct and identify.
— MoonDaddy🥋 (@RameelTv) March 18, 2025
The platform’s commitment to compensating affected users is a positive step; however, restoring user trust will require demonstrable improvements in system security and transparency in addressing these vulnerabilities.
