A recent cyber breach targeted the Base-DEX, RocketSwap, resulting in the theft of 471 ETH, valued at approximately $860,000. The attacker swiftly transferred the stolen funds to the Ethereum mainnet, introducing a memecoin dubbed $LoveRCKT. This new digital token was seeded into a Uniswap liquidity pool, accompanied by a staggering 90 trillion $LoveRCKT tokens, paired with 400 ETH.
RocketSwap, the victimized DEX, responded to allegations on social media that its team was involved, vehemently denying any internal connection to the attack. Instead, RocketSwap attributed the breach to an external malicious actor exploiting a vulnerability arising from the use of offline signatures. The hacker’s brute force attack allowed them to drain user funds from RocketSwap’s farms.
This incident underscores a series of issues surrounding Coinbase’s Base Network, with RocketSwap marking the second application to fall prey to an attack, following the exploitation of LeetSwap earlier. The Base Network has also witnessed the emergence of the notorious $BALD memecoin, which faced a rug-pull after a substantial 6,800 ETH was extracted from its liquidity pool on LeetSwap. Despite its anticipated entry into the blockchain ecosystem, Base Network’s reputation has been marred by controversies since its July 13 mainnet launch.
