Robinhood Co-Founder's Exposed Seed Phrase Enables $14M Memecoin Pump

MEME1.99%
BNB2.41%
BTC3.74%

An attacker exploited an exposed recovery phrase tied to a Robinhood co-founder's self-custody wallet to pump a memecoin called '$1' from a $500,000 market cap to $14 million in approximately two hours on July 13, according to Michael, Chief Business Officer of TokenPocket wallet. The mnemonic phrase was accidentally exposed during a live broadcast, allowing the attacker to import the wallet, which held approximately $1.5 million at the time. Thousands of traders who monitor high-value wallets interpreted the attacker's purchases as a deliberate investment by the Robinhood co-founder and copied the trade, driving the token's market cap up by nearly 28 times before the price collapsed. The token accumulated more than $20 million in trading volume. The incident demonstrates how wallet-tracking tools used by traders can be weaponized when the tracked wallet is compromised.

Attacker Imported Wallet After Live Broadcast Exposure

Michael detailed the sequence in a series of posts on X. The mnemonic phrase, a sequence of words used to access a non-custodial wallet, was accidentally exposed during a live broadcast. The attacker imported the wallet and began purchasing the '$1' token from the compromised address. Traders who monitor high-value wallets interpreted the purchases as a deliberate bet by the Robinhood co-founder and copied the trade. Late entrants absorbed the losses when the price reversed.

Robinhood Blocked Compromised Address via RPC Service

Robinhood's remote procedure call service blocked the compromised address, preventing further outgoing transactions from the wallet. The block stopped the attacker from draining remaining funds, but did nothing for traders who had already bought the pumped token on decentralized exchanges.

Attacker Moved to BNB Blockchain After Block

After the block took effect, the attacker moved to the BNB blockchain, created a new token, and engaged in wash trading to inflate its volume before cashing out. Bitcoin was valued near $62,800 and Ether at approximately $1,778 on July 13, both unaffected by the memecoin pump. No regulatory action has been announced in connection with the event. Robinhood's own self-custody security guidelines warn users never to share recovery phrases.

FAQ

How did the attacker gain access to the Robinhood co-founder's wallet?

The attacker imported the wallet using a mnemonic phrase that was accidentally exposed during a live broadcast. The wallet held approximately $1.5 million at the time of the leak.

What action did Robinhood take after the compromise?

Robinhood's remote procedure call service blocked the compromised address, preventing further outgoing transactions from the wallet. The block stopped the attacker from draining remaining funds.

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments