Based Doge 91.4M BOGE was hit ‘similar to normie’
The team confirmed that the Memecoin protocol, Based Doge (BOGE), was used on the base network on May 27. The attack is “similar to Noormi,” the team said, with the attacker exploiting a vulnerability similar to the recent Noormi exploit.
The team reported the attack on X, “We regret to inform you that BOGE has been injured in a recent hacking incident (just like Normi).
Normi was exploited on May 26, the day before the Base Doge attack.
Based Doge is a memecoin project inspired by the Doge meme. He released a Web3 video game called “FlappyBoge” and plans to release a collection of invincible tokens.
According to the post, the team will take a screenshot of the current token balances and restart the project so that all victims of the attack are compensated.
Blockchain data shows that on May 27 at 5:48 PM UTC, an account ending in bAOC initiated more than 120 transactions on Base. Each transaction resulted in hundreds of thousands of BOGE being credited to the account, totaling 91.4 million BOGE.
In each transaction, the attacker calls an unauthenticated function on the smart contract at the address ending in 1a42. The code for this function is not human-readable because the contract is unverified.
After receiving these 91.4 million BOGE, the attacker converted them to 4.47 Ether (ETH), which was worth $16,926 at the time.
While the amount gained by the attacker was small, the impact on BOGE's value was huge. Before the attack, the value of BOGE was $0.002983, and the total supply of the coin was 1 billion, according to CoinMarketCap. This represents a market value of approximately $2.9 million.
As soon as the attack happened, the price dropped to 0.000072, losing more than $2.8 million from the 1 billion coins before the attack.
According to analysis published by Web3 insurance provider Neptune Mutual, the previous Normy attack was caused by a faulty “get_premarket_user” function. This functionality allowed a user to create new tokens if they were a premarket user or had the same account as the deployer's wallet. Tokens were then traded until the attacker had a balance equal to the sender's wallet, allowing them to become “special users” who were allowed to mint new tokens.
After taking over production, they issued more than 170,000 Normi tokens and dumped them on the market, causing a loss of more than $800,000.
Related: Memecoin Trader Loses Over $1M Following Normy Exploit
Modern contract exploits continue to pose risks to crypto users. On May 17, an attacker withdrew $20 million from DeFi protocol Son Finance. That same day, a former employee of Solana's memecoin platform Pump.fun allegedly exploited the protocol by using privileged access. The person who carried out the attack has been arrested by the British police in connection with the incident, he said.