TopGoal hacked for $1.8m

TopGoal became the latest high-profile victim of hacking on February 16, when the project was exploited and almost five million TMT tokens ($1.8m) were sold.

Crypto monitoring and security group Peckshield was quick to point out the major slippage the token was experiencing from the massive sell off.

Initially Peckshield and Twitter users assumed this was done on purpose by the team as part of a scam but TopGoal quickly announced their project had been compromised.

The TopGoal team made the mistake of using a hot wallet to store a massive amount of funds it intended to use for prize distribution. Hot wallets are easy to use and manage but they come at the cost of security compared to cold wallets or hardware wallets.

The price of the TMT token dropped 50% in minutes as the hacker sold the tokens into BNB and transferred them to an unknown wallet using TornadoCash.

The TopGoal team announced in a blog that it would attempt to fix the price by manipulating liquidity pools for the decentralized exchange.

This solution will not have as big of an effect as holders would like as there are no buy-backs planned.

The TopGoal project announced it has halted its platform as it looks to improve security for its hot wallet. All users’ TMT tokens and NFTs on the platform are safe.

TopGoal is an NFT and GameFi platform which grew in popularity as it acquired a license to sell NFT collectibles of football players.

The project had large backers, including Binance, and had just recently had an AMA with Binance CEO, CZ, in which the project was praised.

Like many other projects which have been hacked recently, this project was built on the Binance Smart Chain.

The incredible amounts of hacks and scams on the blockchain has been a huge issue for PR and many crypto enthusiasts avoid projects on this chain because of its reputation.

Binance Smart Chain (BSC) has even attempted to rebrand as BNB chain but a name change is not enough when the hacks and scams continue to grow.

At this point in time there is no report on how the hacker managed to get access to the team’s hot wallet.

Crypto communities have suggested that the wallet was either exploited by social engineering attacks or through malware. The funds from this attack will likely be found and frozen from trading on exchanges.

Source

Updated: 02/18/2022 — 20:00