A former employee of pump.fun, a Solana memecoin creation tool, has been accused of exploiting the company for nearly $2 million through a “bonding curve” attack. The ex-employee allegedly used their privileged position to access a withdraw authority and compromise the protocol’s internal systems. Approximately $1.9 million was stolen from the $45 million held in pump.fun’s bonding curve contracts.

Although trading was temporarily paused, the platform is now back up and running. Pump.fun stated that its smart contracts are safe and that users affected by the incident will receive 100% of the liquidity within the next 24 hours.

Prior to pump.fun’s announcement, Igor Igamberdiev, head of research at cryptocurrency market maker Wintermute, claimed that the hack resulted from an internal private key leak and said he suspected a user named “STACCoverflow.”

The alleged exploiter used flash loans on Solana lending protocol Raydium to borrow SOL tokens and buy as many coins as possible. Once the coins reached 100% on their respective bonding curves, the exploiter accessed the bonding curve liquidity and repaid the flash loans.

In total, approximately 12,300 SOL, equivalent to $1.9 million, was stolen between 3:21 pm and 5:00 pm UTC on May 16. Pump.fun assured users impacted during this timeframe that they would recover 100% or more of the liquidity held prior to the attack.