Home Web3 SecurityCrypto Hacks & Exploits Safereum Exit Scam-Oct 23, 2023-Detailed Analysis

Safereum Exit Scam-Oct 23, 2023-Detailed Analysis

by ImmuneBytes
Safereum Exit Scam Oct-2023


On October 23, 2023, Safereum experienced a severe rug pull, resulting in a loss of approximately $1.3 million in an exit scam.

The externally owned address (EOA) associated with the ENS safereum.eth was found at the epicenter of this fraudulent activity.

The consequences: A dramatic 92% drop in the price of Safereum, marking it as one of the most significant exit scams of the month.

The Scam Mechanics

The Triggering Event

The scam’s initiation can be traced back to the unlocking of Safereum tokens held in a PinkLock contract by the EOA linked to safereum.eth.

Following this unauthorized release, a massive sale of these tokens took place, leading to a plummet in Safereum’s price.

Further Financial Drain

Adding insult to injury, after the conclusion of the project’s SAFEPAD Fair Launch, funds were siphoned off to safereum.eth. This unauthorized transfer amounted to a staggering loss of around $1.3 million in ETH.

In-depth Look into Safereum’s Operations

Team Background & Connections

Safereum’s smart contract was introduced to the crypto space on September 28, 2023, by EOA 0xf79.

Delving deeper reveals an intricate web of connections: the deployer was initially bankrolled by EOA 0xD24, which has ties to the ENS shiaholic.eth.

Primary funding routes for the wallet were through platforms like FixedFloat and ChangeNOW.

Despite some visibility into an individual’s Telegram account related to these transactions, their X account disappeared, coinciding with the Safereum scam, adding to the mystery.

As more layers of this intricate scam are peeled back, it becomes evident that the individual behind the shiaholic.eth wallet and connected accounts, was possibly the mastermind behind Safereum’s deployment.

Sequence of Dubious Events

Token Dynamics

Postdeployment, Safereum witnessed significant token activity. On October 2nd, safereum.eth locked a whopping 100 billion SAFEREUM tokens through PinkLock, setting an alarmingly short unlock time of 13 seconds.
Txn: https://etherscan.io/tx/0x580e97a885468cd582356ad741c9b23b38aadccb6a26a320cc233136b28dbebb

These tokens were dormant till October 22, when they were unlocked, and 4.5 billion SAFEREUM was directed to KuCoin. Interestingly, 95 billion of these tokens were relocked, hinting at a calculated ploy.

The FairLaunch Episode

October 23 saw Safereum’s FairLaunch for SafePad, targeting a soft cap of 20 ETH. As the presale culminated, a surprising 755.3389161 ETH (~$1,382,894) had been amassed.

However, what followed was an unsanctioned division of the SafePad presale funds, leading to further financial hemorrhage.

Following the SAFEPAD Fair Launch, safereum.eth executed the ‘Finalize’ function, distributing the presale funds as follows: 14.37 ETH to 0x4B0, 21.13 ETH to 0x498 ERC1967Proxy, 334.83 ETH to 0x67c (safereum.eth), and 348.49 ETH to the liquidity pool. The LP tokens were then locked in the Pink Lock contract for a year, putting the remaining SAFEPAD liquidity pool funds at risk.

The Exit Scam’s Footprints

The unscrupulous actions on October 23 had a ripple effect, hitting both SAFEPAD and SAFEREUM tokens. Detailed breakdowns illustrate the scope and audacity of this scam, painting a grim picture of the crypto landscape.

Safereum.eth initially acquired 800 billion SAFEPAD tokens, with about 683.9 billion tokens locked in the token presale contract.

This action left approximately 116 billion SAFEPAD tokens in safereum.eth’s wallet, which were sold alongside the unlocked SAFEREUM tokens. Along with the misappropriated ETH transferred to safereum.eth, the total scam amounted to a loss of 766.98 ETH (roughly $1.3 million).

Currently, around 110 WETH (worth nearly $197,000) remains in the SAFEPAD 3 liquidity pool, at risk once the LP tokens are unlocked.

The stolen ETH was distributed in this manner: thirteen wallets received 45 ETH each, which were subsequently transferred through fixed float, while 0x01Ee and 0xa220 received 3 ETH and 25 ETH, respectively.

Lastly, ETH worth just under $200,000 was converted to USDT and divided among three wallets, which then bridged the funds via a fixed float.

Closing Thoughts

The Safereum debacle, being the third most significant exit scam detected in October by Immunebytes, offers a sobering lesson. While the project flaunted endorsements from multiple audit firms, this incident underscores the limitations of smart contract audits in shielding investors from scams.

You may also like