BNB chain’s Four.Meme suspends token launches following exploit

Binance smart chain-based meme coin launcher Four.Meme was exploited for the second time in two months, with the latest attack forcing the platform to suspend token launches.

On March 18, blockchain security firm SlowMist flagged a critical vulnerability that allowed an attacker to manipulate the platform’s smart contract.

According to SlowMist, the attacker used the 0x7f79f6df function to scoop up some tokens before their official launch. 

They then sent these tokens to a PancakeSwap pair address that didn’t even exist yet, essentially setting up the pair themselves and adding liquidity without actually transferring the pre-launch tokens.

This move let them sidestep Four.Meme’s MODE_TRANSFER_RESTRICTED setting, which is meant to block token transfers before launch.

With that restriction out of the way, the attacker added liquidity at a price they controlled, draining funds from the pool.

Four.Meme hasn’t revealed how much was lost but has promised to compensate affected users.

For now, the platform has suspended all token launches while investigating the breach.

Launched in July 2024, Four.Meme is a BNB Chain-based meme coin launchpad designed to help projects create and launch tokens with integrated liquidity on PancakeSwap.

The launchpad drew community attention for hosting meme coin launches, including the recent Mubarak (MUBARAK) token, which has rallied significantly, especially after Binance founder Changpeng Zhao purchased a small amount.

However, repeated security breaches have raised concerns about user safety on the platform.

The second exploit of 2025

Unfortunately, for Four.Meme, this was the second time it has been exploited in less than two months time.

As previously reported by Invezz, last month, the platform suffered an attack that led to a $183,000 loss. 

The attacker manipulated liquidity by setting up a fake liquidity pool on PancakeSwap V3 before the real one launched, tricking traders into providing liquidity before draining the funds.

The exploit took advantage of a loophole in how Four.Meme handles liquidity pool migrations, allowing the attacker to create a skewed liquidity pool with an extreme price imbalance before the token’s official launch.

Since Four.Meme didn’t verify the pool’s price, the liquidity added simply followed the attacker’s manipulated pricing, enabling them to drain the pool.

In response, Four.Meme temporarily halted liquidity operations and later patched the issue.

However, some community members criticized the team for allegedly ignoring multiple warnings about the exploit before the attack happened.

With this latest breach, the pressure is mounting on Four.Meme to step up its security measures before trust in the platform erodes further.

Crypto market plagued by exploits

Meanwhile, exploits, hacks and scams have racked up nearly $1.53 billion in losses last month, with the massive $1.4 billion Bybit hack making up the bulk of it, according to blockchain security firm CertiK.

Last month, decentralised lending protocol zkLend lost over $9 million after a hacker exploited one of its smart contracts, forcing the platform to temporarily suspend operations.

As previously reported by Invezz, crypto hacks jumped over nine times in January 2025 compared to the previous month. BNB chain was the most targeted network, having suffered 10 reported attacks.