A crypto surveillance firm says black hat developers have placed hundreds of malicious tokens on Coinbase’s newly launched Ethereum () layer-2 chain.
According to Solidus Labs, bad actors deployed more than 500 scam tokens on days after the blockchain debuted for developers on July 13th and before the network became available for the public on August 9th.
“Roughly 300 of these scam tokens’ smart contracts contained hidden functions enabling their creators to mint an unlimited number of new coins; another 70 contracts contained obfuscated transaction fee modifiers; and more than 60 contained honeypots, blocking buyers from reselling their tokens altogether.”
Solidus Labs says the scam tokens generated about $3.7 million worth of trading volume on Base’s decentralized exchanges (DEXs). The rogue assets drew in $2.7 million worth of buys, $700,000 worth of sales and $300,000 worth of wash sales that the fraudsters executed themselves.
The perpetrators managed to earn $2 million in profits from the scheme by removing all liquidity from their DEX pairs after a significant number of users invested and by minting and selling massive quantities of new coins.
Malicious actors also placed soft rug pull crypto assets on the network ahead of the launch. In this type of social engineering attack, developers hype up the value of the crypto asset and then withdraw their funds, leaving existing investors with overwhelming sell pressure.
