NFT Exchange SudoRare Goes Dark After $820,000 Rug Pull
Important takeaways
- NFT exchange SudoRare scammed users out of around $820,000 in various crypto tokens on Tuesday.
- Immediately after the incident, the anonymous developers behind the project deleted the exchange’s website and disappeared from Twitter.
- Blockchain security firm PeckShield has linked one of the attackers’ wallets to cryptocurrency exchange Kraken.
Share this article
SudoRare was live for just six hours before pulling the plug and taking down the website and all associated social media accounts.
SudoRare walks away with $820,000
After a series of warnings that SudoRare could be a scam made the rounds on Crypto Twitter, the anonymous team behind the decentralized NFT exchange has pulled the curtain. The theft has defrauded users of around $820,000 worth of ETH and other crypto tokens.
In accordance data on the chain, the incident happened early Tuesday, just about six hours after SudoRare went live. The exchange, which was spun off as a fork of NFT marketplaces LooksRare and sudoswap by an anonymous team, was supposed to allow users to create liquidity pools for NFT fundraising and collect fees by staking the project’s native token SR. Soon after going live, the team “pulled the curtain”, crypto terminology for stealing funds from users and disappearing without a trace. Shortly after leaving with $820,000, the platform’s website and Twitter disappeared.
The culprits behind the attack retreated about $315,700 in WETH, $200,000 in XMON and $314,700 LOOKS tokens from the exchange before exchanging the assets for ETH and moving the funds to three Ethereum wallets. Blockchain security firm PeckShield has traced the attacker to a wallet funded by centralized exchange Kraken. “The actor behind SudoRare rugpull seems a @krakenfx user,” the firm so on Twitter today, providing chain proof of the connection.
As a regulated US-based exchange, Kraken is subject to “Know Your Customer” requirements that enforce mandatory identification checks on all customers. This means that at least one person connected to the attack may be known to the stock exchange.
The theft occurred despite several warnings on Crypto Twitter that SudoRare could be a scam. “sudo weird is live but ppl are betting on an upgradable contract pointing to a fork of masterchef… Can’t see any reason to need an upgradable version of Masterchef as it’s really battle tested already… stay safe as may be a scam,” one user goes by Adam pointed out on Twitter earlier today. The team pulled the curtain a few hours later.
Disclosure: At the time of writing, the author of this article owned ETH and several other cryptocurrencies.