SafeMoon Hacker ‘Accidentally’ Steals $8.9M. Wants to Return Everything

Some are saying that the attack on SafeMoon could’ve been an inside job.

A robot with a TV instead of a head touches the moon
  • The hacker managed to upgrade SafeMoon’s smart contracts and introduce a public burn bug.
  • They drained the SFM:BNB liquidity pool.
  • Emerging evidence points to the possibility that the hack was an inside job.

Crypto hack incidents have somewhat subsided in 2023 compared to the record-breaking previous year. However, hackers have not completely left the sphere and in some cases even manage to “accidentally” hack projects.

That’s what happened to SafeMoon, which got hacked for millions of dollars after an apparent mistake from the hacker.

SafeMoon Hacker ‘Accidentally‘ Pilfers $8.9 Million

SafeMoon (SFM), a decentralized finance (DeFi) project with a rich history of controversy, suffered an exploit on Wednesday morning that saw $8.9 million stolen.


An anonymous hacker managed to upgrade one of SafeMoon’s smart contracts and introduce a public burn bug that drained the SFM:BNB liquidity pool

SafeMoon CEO John Karony acknowledged the incident and said that the team has taken “swift action to resolve the situation and protect our community.”

“In the hours since [the attack], our team has met with key advisors to agree a plan that protects token holders and the community. We have located the suspected exploit, patched the vulnerability, and are engaging a chain forensics consultant to determine the precise nature and extent of the exploit.”

However, in a surprising turn of events, hours after the incident the address related to the hack sent SafeMoon a message encoded in a transaction. The hacker said that the exploit was an “accident” and that they want to return the funds.


“Hey relax, we are accidently frontrun an attack against you, we would like to return the fund, setup secure communication channel, let’s talk.”

At the same time, details that have emerged since the exploit seem to indicate that there’s a possibility the hack might be an inside job.

SafeMoon Hack – Inside Job?

The exploit of SafeMoon seems to have a deeper meaning. Blockchain security company PeckShield indicated on Twitter that the hack could’ve been an inside job.

That’s because the public burn bug introduced after upgrading one of SafeMoon’s smart contracts was initiated by the official SafeMoon Deployer.

It’s still unclear how or why the official deployer introduced the bug. No one from the SafeMoon team has yet to provide any comment on this.

SafeMoon’s native token SFM dumped hard on the news. SFM plummeted by as much as 35% and is currently trading at $0.00018, according to data from CoinGecko. It’s down 95% from its all-time high.

On the Flipside

  • It’s unclear what the hacker means by saying they “accidentally front-run” the attack on SafeMoon. It’s also unknown how they got hold of SafeMoon’s admin keys.

Why You Should Care

The SafeMoon exploit shows that users should always do their own diligence before deciding where to invest or hold their money. 

Read more about the latest developments in the Euler hack saga:
Euler Hacker Apologizes for $200M Attack, Returns Millions to Protocol

Read more about Trust Wallet’s newest partnerships:
Trust Wallet Partners with Three Companies to Offer Crypto Tax Reporting

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Arturas Skur

Arturas Skur is a cryptocurrency news reporter at DailyCoin who covers Web 3.0 domains, DeFi, and Ethereum Layer-2s. With over five years of experience in journalism and public relations, Arturas brings his critical thinking and analytical abilities to deliver insightful news stories. In his free time, he enjoys hiking, playing with his dog, and reading.