Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Pump Science Leaks Private Key on GitHub

November 28, 2024
Reading Time: 2 mins read
in Incidents
Pump Science Leaks Private Key on GitHub

Pump Science, a decentralized science (DeSci) platform, has issued a public apology after a major security incident where its private key was inadvertently leaked on GitHub. This exposed key allowed a hacker to create fraudulent tokens under the platform’s Pump.fun profile, including tokens such as Urolithin B and Cocaine. The attack has raised significant concerns, as users were misled into believing the fraudulent tokens were legitimate creations from the platform. The company openly acknowledged the mishap, with Benji Leibowitz, a representative of Pump Science, stating during an AMA session on Nov. 27 that this was a significant mistake.

In response to the breach, Pump Science acted quickly to mitigate the damage by renaming its Pump.fun profile to “dont_trust” in order to warn users about the compromised address. The company also clarified that the fraudulent tokens were not created by their team and advised the community not to trust any new tokens launched from the compromised wallet. To enhance security moving forward, Pump Science has partnered with blockchain security firm Blockaid, which is actively flagging any new tokens minted from the affected address.

Pump Science partly blamed the Solana-based software firm BuilderZ for leaving the private key exposed in its GitHub codebase. The company clarified that the private key, which had been assumed to belong to a test wallet, was linked to the developer wallet and left unprotected. However, the DeSci platform emphasized that the attacker could not have been BuilderZ, as the method used to mint tokens on the Solana chain did not align with the firm’s processes. There are also suspicions that the hacker behind this breach might be the same person or group responsible for a previous attack on a wallet owned by James Pacheco, a founder at Solana-based commodity tokenization platform elmnts.

Looking ahead, Pump Science has committed to conducting a thorough audit of its platform and will be implementing stronger security measures. As part of its efforts to restore user confidence, the platform plans to run a bug bounty program for penetration testing and will ensure that all future token releases undergo full audits before launching. Pump Science’s proactive approach aims to improve its security practices and prevent similar incidents from occurring in the future. The platform is hopeful that these measures will be in place by the holidays to protect users and maintain the integrity of its operations.

Reference:

  • Pump Science Accidentally Leak Private Key on GitHub Leading to Fraudulent Tokens
Tags: cyber incidentsCyber Incidents 2024Cyber threatsDecentralized ScienceDeSciGitHubNovember 2024Pump ScienceTokens
ADVERTISEMENT

Related Posts

Avantic Lab Affected By Ransomware

Avantic Lab Affected By Ransomware

July 11, 2025
Avantic Lab Affected By Ransomware

Microsoft’s Outlook Long Outage

July 11, 2025
Avantic Lab Affected By Ransomware

$40M+ Stolen from GMX Crypto Platform

July 11, 2025
Nippon Steel Solutions Data Breach

Bitcoin Depot Breach Exposes Data

July 10, 2025
Nippon Steel Solutions Data Breach

McDonald’s AI Hiring Bot Exposes Data

July 10, 2025
Nippon Steel Solutions Data Breach

Nippon Steel Solutions Data Breach

July 10, 2025

Latest Alerts

Fake Sites Push Investment Scams

Fake Firms Push Malware on Crypto Users

Severe WordPress Flaw 200K Sites at Risk

RondoDox Botnet Exploits Router Flaws

ServiceNow Data Exposure via ACLs

Hackers Revive SEO Poisoning

Subscribe to our newsletter

    Latest Incidents

    Microsoft’s Outlook Long Outage

    Avantic Lab Affected By Ransomware

    $40M+ Stolen from GMX Crypto Platform

    Bitcoin Depot Breach Exposes Data

    McDonald’s AI Hiring Bot Exposes Data

    Nippon Steel Solutions Data Breach

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial