• Fri. Oct 11th, 2024

Developers of Crypto Lender Kokomo Finance Use Wrapped Bitcoin in Exit Scam to Steal $4M

Patrick Carter

ByPatrick Carter

Mar 27, 2023

The scrutiny conducted by security firm CertiK indicated that developers of the optimism-oriented Kokomo Finance protocol executed an exit scam to steal $4 million in users’ funds. The developers would later erase all social media presence leaving the Kokomo tokens’ value to plummet by 98.64%.

Developers Orchestrate $4 million Theft to Unsuspecting Investors

The developers orchestrated the exit scam over the weekend alongside promoters of the crypto project portrayed as a legitimate initiative to the market. The attraction of unsuspecting investors allowed the developers to pull liquidity upon realizing a sizable sum to the project.

Certik analysis indicates that Kokomo Finance was established on Saturday, March 25. The project facilitated users to trade while also accommodating borrowing and lending. The most active pair is KOKO/WETH.

Certik Analysis Shows Developers Exploited the Multiplicity of Tokens to Win Investors’ Confidence

Among the cryptos that users could borrow, lend, and trade include Ether (ETH), USD Coin (USDC), Dai (DAI), Tether (USDT), and wrapped Bitcoin (wBTC).

The multiplicity of cryptos enabled Kokomo Finance to garner popularity, particularly among Uniswap (Optimism) users. The preference of the platform allowed the developers to pull liquidity while erasing their online presence.

Hours later, the Kokomo developers would engineer an attacking contract featuring cBTC using the KOKO’s primary address for the Kokomo’s native tokens. The analysis of the Sunday night event by Certik reveals that the developers quickly formulated the reward speed before pausing the borrowing capability. They would later launch a malicious contract to interact with the entire protocol.

Bitcoin Derivative Tokens Utilized to Stage the Million-Dollar Exploit

cBTC involves a wrapped bitcoin derivative whose issuance relies upon the Ethereum network. The developers resorted to wrapped BTC issuance to hoodwink the protocol to believe in its nonexistent liquidity.

The fraudsters would then utilize another developer address to approve the 7000 Sonne Wrapped Bitcoin maliciously. This subsequent transaction replicated the previous in using a bitcoin derivative token hosted on the Ethereum network.

The developers used the tokens to swap the user-supplied liquidity to the protocol. Besides stealing the proceeds exceeding $4 million, the developers would promptly stage deletion of all social media accounts. Also, the Kokomo website became inaccessible, particularly in the early Asian hours.

Kokomo Finance Market Outlook

Scrutiny of Koko Finance shows the KOKO tokens eroded 98.6% of their value to exchange hands at $0.00065849. In comparison, the transaction volume estimates at $305,661 eroded all worth for the Koko holders.

The execution of the exploit replicates other attacks targeting the crypto market. It rekindles the debate over a $200 million exploit perpetrated on Euler Finance in an early March.

Patrick Carter

Patrick Carter

Patrick Carter is a seasoned news writer known for his meticulous research and engaging storytelling. With a dedication to providing accurate and informative news coverage, his articles offer readers a comprehensive understanding of current events with a fresh and thought-provoking perspective.

Leave a Reply

Your email address will not be published. Required fields are marked *