KEY POINTS
- The exploit almost entirely wiped the memecoin's market value of around $40 million within a minute
- The hacker offered to return 90% of the stolen Ether on the condition that a new token is launched to refund holders
- $NORMIE team reportedly accepted the 'no reprisals' and holder reimbursement offer
NORMIE, a popular memecoin on Ethereum layer 2 network Base, suffered a flash loan attack Sunday that made the token's multimillion-dollar value plummet by over 99%.
Substack publication Wu Blockchain wrote on X (formerly Twitter) Sunday that the attacker "used a loophole in the contract's tax mechanism to conduct a flash loan attack" that resulted in the token's price plunging by over 99% within just a minute. Wu Blockchain added that NORMIE's market cap was $40 million before the exploit. As of writing, the memecoin's market capitalization is only at over $435,000, according to CoinGecko.
Blockchain analytics firm Lookonchain revealed that the exploiter has reached out to the team behind Normie. "I offer to return 90% of the exploited ETH (Ether), keeping 10% as a bug bounty (with no reprisals)." The exploiter also said the funds to be returned, along with 600 Ether worth around $2.3 million based on current prices, should be used "to fairly launch a new token that is used to reimburse Normie holders," as per a screenshot of the message.
The Normie team has reportedly accepted the hacker's offer. "You may keep 10%, no reprisals. All $ETH from the normie dev wallet will be used to rectify this situation and assist in our relaunch," the development team wrote on X. However, the team's main account has since been suspended. A temporary account has also been suspended.
On-chain scam detecting tool Quick Intel claimed that a total of 72,000 NORMIE holders were affected by the exploit, which it said had previously been detected in March. However, it is unclear how much the token's holders actually lost in the incident and the team has yet to confirm the number of affected users.
The NORMIE exploit follows about a week after Pump.fun, a memecoin deployer on the Solana blockchain, was exploited for nearly $2 million after the exploiter carried out flash loan attacks.
Pump.fun said the system breach was carried out by a former employee who "illegitimately" accessed the coin factory's withdrawal authority. Trading was paused for around two hours and the team said contacts have been upgraded to prevent further attacks.
Some cryptocurrency users on X (formerly Twitter) have raised concerns about the team's silence following the suspensions of their X handles. One user said the NORMIE team "blocked messages on Telegram" and there is "very little information" on their plans moving forward. Several users also asked whether the hack was an "insider job."