RocketSwap team has provided an explanation for the recent hack incident they encountered. The related errors encompass using offline signatures during the launchpad deployment and the decision to store private keys on a server. Some users on social media raised suspicions that the team might have executed a rug pull, a deceptive move to manipulate assets, but RocketSwap team firmly refuted these claims. Instead, they assert that a third-party hacker was responsible for these actions, distancing themselves from any involvement.
According to the team’s statement, the attacker targeted the cloud server used by the RocketSwap project, extracting their private keys. Subsequently, these keys were employed to transfer assets from the project’s yield farm. This resulted in significant losses for both the project and its community.
This incident marks the second serious security breach occurring on the Base network within a short span. Previously, another decentralized exchange, LeetSwap, fell victim to hacking, leading to substantial financial losses.
RocketSwap had undergone a developmental phase and managed to attract over $200 million USD worth of assets from Ethereum after the mainnet launch. However, this hacking event has generated profound repercussions and heightened concerns among the community.
Following the breach, the hacker shifted the stolen assets to Ethereum and introduced a new token called LoveRCKT. The token’s smart contract was then merged with 400 ETH liquidity on Uniswap. Despite the hacker’s actions, the price of LoveRCKT experienced a considerable surge before plummeting by more than 90%.