The team confirmed that Doge’s (BOGE) protocol on the Base network was attacked on May 27. The team stated that the attack was similar to the one on Normie and implied that the attacker exploited a security vulnerability similar to the one that caused the recent Normie attack. Normie was attacked on May 26, a day before the Based Doge attack.
Another Memecoin Attacked
Based Doge is a memecoin project inspired by Doge memes and has released a Web3 video game called FlappyBoge and plans to release an NFT collection. According to the post, the team will take a snapshot of the current token balances and relaunch the project to compensate all victims of the attack.
Blockchain data shows that an account ending with bAOC initiated over 120 transactions on Base at 20:48 on May 27. Each transaction resulted in hundreds of thousands of BOGE being transferred to the account, totaling approximately 91.4 million BOGE.
In each transaction, the attacker called an unverified function in a smart contract located at an address ending with 1a42. Since the contract was unverified, the function’s code could not be read by people. After obtaining these 91.4 million BOGE, the attacker immediately exchanged them for approximately 4.47 Ethereum, worth around $16,926 at the time.
Although the amount gained by the attacker was small, the impact on BOGE price was much larger. Before the attack, BOGE’s price was $0.002983 according to CoinMarketCap, with a total supply of 1 billion tokens. This meant a market value of approximately $2.9 million. When the attack occurred, the price dropped to $0.000072, indicating that the 1 billion tokens lost over $2.8 million in value.
Web3 and Hack Attacks
According to an analysis by Web3 insurance provider Neptune Mutual, the previous Normie attack was caused by a faulty get_premarket_user function. This function allowed a user to mint tokens if they were a pre-market user or had the same balance as the distributor’s wallet. The attacker made token transactions until they had a balance equal to the distributor’s wallet, becoming a privileged user allowed to mint new tokens.
After obtaining the token minting authority, they minted and released over 170,000 Normie tokens, causing over $800,000 in damage. Smart contract attacks continue to pose risks for crypto users. On May 17, an attacker withdrew $20 million from the DeFi protocol Sonne Finance. On the same day, a former employee of the Solana memecoin platform Pump.fun allegedly used privileged access to attack the protocol. The alleged attacker claimed to have been arrested by UK police in connection with the incident.
