In a shocking turn of events, Swaprum, a decentralized exchange (DEX) operating on the Ethereum Layer 2 network Arbitrum, has reportedly disappeared with an estimated $3 million in user deposits. The incident has left users in distress and raised concerns about the security and trustworthiness of decentralized platforms.
On-Chain Analysis Reveals Siphoning of User Funds
Blockchain security firm PeckShield conducted an on-chain analysis, uncovering that approximately 1,628 ETH, equivalent to $3 million, was siphoned off from Swaprum’s liquidity pools. The exchange’s team allegedly withdrew liquidity provided against its native token on the platform, resulting in a drastic drop in the price of Swaprum (SAPR) tokens, leaving unsuspecting investors with near-worthless holdings.
Laundering Attempts and Social Media Disappearance
To further obfuscate the transaction trail, the funds were transferred from the Arbitrum network to Ethereum and then laundered through the popular Ethereum mixer service, Tornado Cash. Meanwhile, Swaprum’s digital presence evaporated overnight, with the deletion of their social media accounts on platforms such as Twitter, Telegram, and GitHub. The project’s website remains active, while attempts to reach the team for comment have been unsuccessful.
Unveiling of Hidden Backdoor Functionality
Security analysts at Beosin made a significant discovery regarding Swaprum’s smart contract. They found evidence of a hidden backdoor functionality, enabling the deployer of Swaprum to steal LP (liquidity provider) tokens staked by users and profit from removing liquidity from the pool. This malicious action granted the perpetrators full control over user assets, exacerbating the severity of the alleged exit scam.
Persistent Exit Scam Incidents in the Ethereum Layer 2 Space
The incident involving Swaprum marks the latest in a series of exit scams within the Ethereum Layer 2 ecosystem. Just last month, developers of Merlin, a decentralized exchange on the zkSync network, vanished with nearly $2 million in a similar case, highlighting the need for enhanced due diligence and security measures when engaging with decentralized platforms.