- The Magnate Finance rug pull is amongst a long list of such attacks afflicting the DeFi sector.
- The total value locked amounted to $6.4 million.
Magnate Finance, a decentralized finance (DeFi) lending platform, left Base users reeling from a rug pull that has stripped them of millions in locked crypto assets. The team executed the scam by manipulating a price oracle, resulting in the theft of user funds.
DeFiLlama data indicated that Magnate’s total value locked (TVL) amounted to $6.4 million prior to the rug pull. This was facilitated by the compromised price oracle.
The malicious maneuver marks the latest in a series of rug pulls within the DeFi landscape, and it unfolded on Coinbase [COIN]’s emerging Layer 2 (L2) network, Base. The security experts at Peckshield were quick to reveal the scam, uncovering the manipulation of the price oracle that allowed the fraudsters to abscond with users’ deposited funds.
The developer modified the provider of the price oracle and removed all the assets. pic.twitter.com/cveB4jrrGc
— PeckShieldAlert (@PeckShieldAlert) August 25, 2023
The preemptive warning came from on-chain investigator ZachXBT signaled potential trouble for Magnate Finance and its users. Drawing connections between Magnate’s deployer address and a previous exit scam by the name of Solfire from January 2023, ZachXBT sounded the alarm. Solfire’s scam had resulted in crypto losses exceeding $4 million.
Community Alert: Magnate Finance on Base will likely exit scam in the near future currently with over $6.4M TVL.
The deployers address is directly linked to the Solfire $4.8M exit scam. pic.twitter.com/mBDUy3D66j
— ZachXBT (@zachxbt) August 25, 2023
Manipulated oracles and vanishing teams
As the news gained momentum, the Magnate Finance team took evasive action. They swiftly erased their digital footprint across platforms such as X (formerly Twitter) and Telegram. Notably, the Magnate Finance website became inaccessible, further heightening concerns about the legitimacy of the platform.
In a strange turn of events, the team indirectly responded to ZachXBT’s warnings. The on-chain investigator tweeted about their concerns, prompting the scammers to change their X bio to read “contract breached by Zach.”
In an even more perplexing response, the exit scammers engaged in a cryptic exchange with ZachXBT. They stated, “We stick to the plan? 50-50?” However, this bizarre interaction was short-lived. The team deactivated their X account shortly afterward, and there has been no observed public communication since.
The term “rug pull” refers to crypto projects that vanish after pilfering user assets, leaving investors with substantial losses. Base, Coinbase’s L2 network, has experienced its fair share of such incidents. This included the recent disappearance of nearly half a million dollars due to SwirLend’s abrupt exit in August.