BaseBrosFi, a decentralized finance (DeFi) protocol on the Base blockchain, disappeared from the internet after an unaudited smart contract stole users’ investments.
BaseBros took down its official website and its social media accounts on Telegram and X on September 13. Chain Audits, a blockchain security firm that had previously audited some BaseBros smart contracts, discovered that the DeFi project orchestrated a rug pull through “an unaudited and unverified Vault contract.”
BaseBros had over 3,300 members on Telegram and approximately 2,000 followers on X at the time of its disappearance.
The smart contracts that had been subject to auditing came under scrutiny.
Chain Audits asserted that it had audited four of the five smart contracts used in the BaseBros project, and it also stated:
“Unfortunately the contract that facilitated the rug pull (Vault Contract) was not included in our audit scope, nor is verified on the blockchain.”
A backdoor in the unaudited contract gave the project's owners access to funds deposited into the “Strategy” contract.
BaseBros’ rug pull did not affect the Seamless protocol
Initially, the Seamless protocol was incorrectly presumed to be affected by the rug pull event due to the similar contract labeling.
The bad actor transferred $130,000 worth of stolen funds through the crypto mixing service Tornado Cash, according to blockchain investigator Cyvers.
Seamless conducted an internal investigation and determined that the protocol and its investors’ funds are secure from potential attacks.
Additionally, Chain Audits verified that BaseBrosFi was the sole protocol that experienced a loss of funds from multiple pools.
A seasoned hacker recently expressed gratitude to the attacker responsible for the $27 million breach of the DeFi protocol Penpie.
The Euler Finance hacker, who had stolen $195 million in March 2023, sent an onchain appreciation message to the Penpie hacker.
“Good job bro. I didn’t see a hack like this for a while. I’m happy you kept all the money and didn’t let these bastards get back one dollar of what you took. You won, they lost. Good job.”
Nevertheless, the Euler Finance criminal had returned 90% of the stolen funds in exchange for legal immunity and a 10% reward.