VERDICT —OUT OF SCOPE
Root cause is social engineering — privileged personnel deceived into authorizing the drain. Contract behaved as written. Defense lives in process controls (multi-party approval, M-of-N signoff windows), not in smart-contract review.
▰ METHOD
SOCIAL ENGINEERING
SOCIAL-ENGINEERING
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
According to Pond.fun's official disclosure, the Linea-based meme coin launchpad Pond.fun was hacked this morning. Initial on-chain and off-chain evidence suggests that Pond.fun’s lead software engineer was behind the attack. The attacker drained liquidity from the Pond.fun smart contract and sold off the project tokens. Attack method (per SlowMist): Insider Manipulation. Reported loss: $ 145,000.
Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Pond.fun
- bug_class
- social-engineering
- date_occurred
- 2025-03-05
- loss_usd
- $145,000
- source_id
- sm:pond-fun::2025-03-05
Related — same bug class· social-engineering
2026-05-11
1mo ago
SOL
social-engineering
$2.86M
OUT OF SCOPE
2026-04-01
2mo ago
SOL
social-engineering
$286.00M
OUT OF SCOPE
2026-02-23
3mo ago
—
social-engineering
—
OUT OF SCOPE
2025-09-01
9mo ago
BSC
social-engineering
$2.00M
OUT OF SCOPE
2025-07-24
10mo ago
MULTI
social-engineering
$14.00M
OUT OF SCOPE
2025-04-27
1y ago
—
social-engineering
$100.0K
OUT OF SCOPE