Share this article
Solana Meme Coin Factory Pump.Fun Compromised by 'Bonding Curve' Exploit
The exploiter may not be making any money from the attack.
By Danny Nelson
Updated May 16, 2024, 6:43 p.m. Published May 16, 2024, 6:28 p.m.
The Solana blockchain's red-hot meme coin factory Pump.Fun descended into chaos Thursday at the hands of an exploiter who compromised the tech central to its issuance of joke cryptocurrencies.
"We are aware that the bonding curve contracts have been compromised and are investigating the matter," the months-old project's Twitter account announced two hours into the chaos. "We’ve paused trading – you cannot buy and sell any coins at the moment."
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Trading has been paused for now, according to Pump.fun, but prior to the announcement, traders were left to speculate on what was happening on the platform.
We are aware that the https://t.co/uE2QNKXkIT bonding curve contracts have been compromised and are investigating the matter.
— pump.fun (@pumpdotfun) May 16, 2024
We have upgraded the contracts so the attacker cannot siphon any more funds. The TVL in the protocol right now is safe.
We’ve paused trading — you…
Details of the attack were still coming together at press time.
According to people who are helping with the early stages of the investigation, an exploiter was using a combination of trading tactics to overwhelm Pump.fun and seemingly corner the market for dozens of meme coins. Oddly, on-chain evidence suggests the attacker was not making much of a profit. The people spoke with CoinDesk on the condition of confidentiality since the inquiries are still preliminary.
Pump.fun is a months-old project for creating and gambling on meme coins on the Solana blockchain. It advertises itself as a "fair launch" platform where investors can buy into joke tokens in their earliest moments. Coins sometimes hit it big for their investors, but most implode before they reach the critical market cap of $69,000 where tokens get released into the wild.
Thursday's exploit hit smart contracts responsible for issuing the meme coins on Pump.Fun curve, people said. The attacker tricked the platform's bonding curve into accepting phantom SOL tokens they had borrowed and quickly repaid in what's known as a "flash loan." This resulted in the bonding curves filling up with nonexistent SOL, making tokens look valuable despite no real buy-side interest.
The attacker has caused losses of $300,000 in SOL tokens, according to on-chain researchers. Rather than run off with the money, they used it to repay the flash loans and airdrop funds to other people, the people said.
Mehr für Sie
Was Sie wissen sollten:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
Mehr für Sie
JPMorgan Pushes Deeper Into Tokenization With Galaxy's Debt Issuance on Solana
Galaxy’s onchain debt deal, where JP Morgan acted as arranger, was settled in USDC stablecoin and backed by Coinbase and Franklin Templeton.
Was Sie wissen sollten:
- J.P. Morgan arranged Galaxy Digital’s commercial paper issuance on the Solana blockchain, one of the first of its kind in the U.S.
- Coinbase and Franklin Templeton bought the short-term debt instrument, settled in USDC
- Tokenization of real-world assets is gaining traction, with projections suggesting the market could reach $18.9 trillion by 2033.
Top Stories
