NFT Exchange SudoRare Rug Pull $800,000 Hours After Launch, Goes Offline

On Tuesday, NFT exchange SudoRare defrauded users of around $820,000 in different crypto currencies. Prior to pulling the rug and shutting down its website and its associated social media profiles, SudoRare had only been operational for six hours. SudoRare Stole $820,000 Before erasing the project’s online presence on Tuesday, the creators of the non-fungible token […]
On Tuesday, NFT exchange SudoRare defrauded users of around $820,000 in different crypto currencies. Prior to pulling the rug and shutting down its website and its associated social media profiles, SudoRare had only been operational for six hours. SudoRare Stole $820,000 Before erasing the project’s online presence on Tuesday, the creators of the non-fungible token […]

On Tuesday, NFT exchange SudoRare defrauded users of around $820,000 in different crypto currencies. Prior to pulling the rug and shutting down its website and its associated social media profiles, SudoRare had only been operational for six hours.

SudoRare Stole $820,000

Before erasing the project’s online presence on Tuesday, the creators of the non-fungible token (NFT) platform Sudorare made off with customers’ cryptocurrencies totaling $820,000.

Sudorare is a fork of LooksRare (LOOKS), another decentralized NFT marketplace that pays users for using the service, and SudoSwap, a decentralized NFT marketplace renowned for its NFT liquidity pools and lower gas prices. In the past year, both projects have become more well-known in the cryptocurrency community.

Users who staked LOOKs, XMON, and wETH for Sudorare’s own tokens over the course of a week were given access to a yield farm.

On-chain data indicates that the incident happened early on Tuesday, just six hours after SudoRare went live. The exchange, which was created by an unidentified team as a fork of the NFT marketplaces LooksRare and sudoswap, was designed to let users build liquidity pools for NFT collections and earn fees by staking the project’s native token SR. But shortly after going live, the team “pulled the rug.”  The website and Twitter account for the platform vanished shortly after.

Rug pulls are scams in decentralized finance (DeFi) where the developers work legitimately on a blockchain and then drain the liquidity pools from the project, thereby “pulling the rug” out from under investors and causing a dramatic decline in connected tokens. Many Warned That It May Be A Scam

Many in the Crypto Twitter community were skeptical, with 2shabby tweeting on Monday that SudoRare could be a scam, “Don’t participate unless you want to take the risk of losing your money. This team is [anonymous], won’t dox [disclose their identities], and the possibility of this being a scam is high.”

Another Twitter user 0xStanec had a high degree of suspicion, saying, “This Is like a 1,001% scam project that noobs will fall for it.”

“Sudo rare is live but ppl staking into an upgradeable contract that points to a fork of master chef… Can’t see any reason to need an upgradeable version of Masterchef as it’s really battle tested already… stay safe as could be a scam,” one user going under Adam pointed out on Twitter earlier today.

Data from the on-chain forensics platform PeckShield reveals that the money has already been transferred to three separate wallets.

#PeckShieldAlert #rugpull Seems like @SudoRare rugged 519 $ETH (~$815k). SudoRare already deleted its social accounts/groups, sudorare[.]xyz is down Stole funds already transferred to 3 new addresses (173 $ETH/address): 0x75c3b2…3981 0x0498d1…8074 0xbFb784…7EAa https://t.co/mPC4bl4k6W pic.twitter.com/O5D7jThYvm

— PeckShieldAlert (@PeckShieldAlert) August 23, 2022

PeckShield and other observers made the assumption that the project’s founders were responsible for its demise. This is due to the fact that, given how soon after launch the hack occurred, they were the only ones who were probably to have access to the liquidity in the pool.

BTC/USD trades at $21k. Source: TradingView

The firm announced later that one of the crypto addresses belonged to a user who has an account with Kraken.

Kraken must conduct mandatory identification checks on each of its customers in accordance with “Know Your Customer” regulations because it operates as a regulated U.S. exchange. That implies that at least one individual connected to the attack may have been familiar with the exchange.

Featured image from iStockPhotos, chart from TradingView.com