Rug Pull Almost Wipes out GameFi Project; DeFi Protocol Suffers Hack

A popular play-to-earn (P2E) GameFi project has seen its value plunge by 99% following a rug pull, while another decentralized finance (DeFi) platform has lost millions of dollars in a hack.

According to a tweet by PeckShield Alert, the GameFi project HeroCat is showing signs of a rug pull. The game’s token, HeroCat Token (HCT), developed in late Nov, lost more than 99.5% of its value, claims PeckShield and CoinGecko data.

HCT’s price has dropped from $0.0097 to $0.00002 in the past 24 hours. Its all-time high (ATH) was roughly $0.22 in Dec. The token’s trading volume reached an ATH of $3.8 million, but now it is now lower than $500, per data provided by CoinGecko.

According to PeckShield Alert, HCT, which is a Binance Chain-based (BNB Chain) token, “made a big sale and transferred” around $151,000 worth of Binance USD (BUSD) from the address”: “0x6e49ae035ef344abe4bed87a0dce44fc97d6a441” to “0x74A12a28Fea0d1b59A05B94c5F23a22ee323CF4C.

HeroCat GameFi has yet to release any updates about the current situation yet. 

Cream Finance hack

And according to PeckShield, a blockchain security and data analytics firm, the DeFi platform Cream Finance was exploited by hackers on Tuesday. Per the tweet, the hack was done because of a “bug introduced by [the] AMP” token. 

“The hacker makes a flash loan of 500 ETH and deposits the funds as collateral. Then the hacker borrows 19M $AMP and makes use of the reentrancy bug to re-borrow 355 ETH inside $AMP token transfer. Then the hacker self-liquidates the borrow,” PeckShield explained in another tweet.

According to the company, the hacker had to repeat the above process 17 times to gain a total of 5,980 Ethereum (ETH) with roughly $18.8 million. Per Peckshield, the whole looted amount is parked at the address “0xa9a1b8ea288eb9ad315088f17f7c7386b9989c95b4d13c81b69d5ddad7ffe61e.” The security firm added that they will be “actively monitoring this address for any movement.”

Moreover, Cream Finance tweeted that they have stopped the attack by “pausing supply and borrow on AMP,” and thanked PeckShield Inc. for “assisting with the investigation.”

According to Cream Finance, the exploit led to a loss of 418,311,571 AMP tokens (worth roughly $2.7 million at the time of writing, per CoinMarketCap data) with 1,308.9 (worth $2.08 million at the time of writing) ETH.

Cream Finance suffered three major flash loan exploits last year, the final one costing over $130 million. 


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.