A former employee behind the $2 million pump.fun exploit is demanding $100,000 payouts for each contributor, excluding the founders, while threatening to destroy the stolen funds if his demands are not met.
The attacker, who gained admin privileges at pump.fun—a Solana-based launchpad for memecoins—has threatened to burn the stolen funds unless the project’s management team distributes $100,000 to each contributor.
On May 17, the exploiter known as “Stacc” posted on social media, stating their willingness to burn the stolen tokens if the pump.fun team doesn’t comply with the payout demands. Stacc insists that at least seven individuals are entitled to these payments, although the identities and specifics of the distribution process remain undisclosed. As of now, pump.fun has not publicly responded.
In a detailed post-mortem, pump.fun revealed that a former employee exploited their privileged position to misappropriate over 12,000 SOL tokens, valued at around $2 million, through manipulations of the project’s smart contracts. The company has promised to compensate affected users and waive trading fees for the next seven days.
Stacc, who has acknowledged their involvement in the exploit, cited personal grievances, including the loss of their mother and issues with “horrible bosses,” as motivations. Experts are concerned about the potential impact of this exploit on the meme coin ecosystem within Solana, given pump.fun’s significant role in the market.
