Hackers Are Targeting Abandoned Meme Tokens in Almost-victimless Crime

The hacker has been targeting tokens with redistribution rewards

article-image

Dall-e modified by Blockworks

share

An opportunistic hacker has been draining the remaining liquidity from abandoned token pools in what some have called an almost-victimless exploit.

The attacker uses flash loans from DeFi protocol Balancer to borrow a significant amount of money. They then redirect those funds to drive up the volume of a chosen token’s pool. 

Once the volume of the pool increases, the attacker drains the remaining liquidity from the pool and returns the money it borrowed from the flash loan.

These attacks were first spotted by Giorgi Khazarade, the CEO of Aurox, when he was testing to find bugs and data inconsistencies in Aurox’s screener functionality.

“I noticed one token (CATOSHI) had nearly $2M in volume but $0 in liquidity, which is extremely odd,” Khazarade told Blockworks. “I thought it was a bug but when looking more into it, I found the stats our platform displayed were correct.”

In the CATOSHI exploit noted by Khazarade, the hacker borrowed an estimated $184 million in wETH through a flash loan, using approximately $1 million from that loan to purchase CATOSHI tokens.

According to a CATOSHI white paper that was published in 2022, the token had launched on Ethereum with an initial supply of 21 million. This amount was later burnt down to 11 million. 

CATOSHI’s tokenomics were a reworked version of reflect finance’s (RFI) frictionless yield generation code. It included a 6% tax, where 3% of it was redistributed to holders, 2% was burnt and 1% was directed to a charity wallet. 

This means that token holders would be given a 3% redistribution reward whenever anyone bought or sold the CATOSHI token. 

After purchasing over 166K in CATS, the attacker bridged the tokens onto the BNB chain. There they sold the tokens for roughly 10 BNB, leaving them with a total profit of $3,000-$4,000. The remaining funds were returned to pay back their flash loan.

Khazarade noted that another token, IMMORTAN, also saw a similar fate

“I noticed a second token (IMMORTAN) in our Screener with similar stats,” Khazarade said. “Large volume and just a couple hundred dollars in liquidity. A similar attack using flash loans had been launched against that token multiple times over the past week to drain the liquidity pool of about $2-3k.”

Similar to CATOSHI, IMMORTAN also had redistribution awards. According to its white paper published in 2021, a 10% tax was applied to buyers and sellers, with 8% of that tax being redistributed to holders and 2% given to the development team for operational purposes. 

“In this instance though, he executed the attack a lot. In fact, he’s still doing it even though there’s ~$100 in liquidity left. He’s basically trying to drain every penny of it,” Khazarade said. “Each attack only yielded a small amount of profit, and by my estimates, he made a combined ~$3k.”

CATOSHI and IMMORTAN are not the only tokens that have had their pools completely drained. More recently, Khazarade noted that the attacker extracted $4,000 in ETH from CATS V3. A project named ​​CRAB has also seen $2,000 in ETH cleared from its pools. 

Just yesterday, the attacker used a similar method to extract WEEB of almost $30,000 in ETH liquidity.

“I’m not 100% certain but it seems like [the attacker] routinely deployed malicious smart contracts that abuse a variety of tokens and drain their liquidities,” Khazarade said.

“Some seem to be specialized which only attack one individual token, whereas other contracts can do it for various tokens…probably because the tokens use some template code with the same bug.”


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

recent research

Research Report Templates.png

Research

Maple Finance has successfully navigated significant market challenges through its strategic pivot to secured lending (Maple v2) and the launch of its Syrup product. Syrup has become a primary growth driver, delivering sustainable, outperforming stablecoin yields and rapidly increasing TVL. The upcoming custody-first Bitcoin staking product (istBTC) presents another significant avenue for expansion. Crucially, Maple has achieved operational profitability, a key inflection point that, combined with a fully vested token and active buyback mechanism, strengthens its investment case. While valuation metrics suggest potential undervaluation relative to peers and growth, the primary forward-looking risk identified is the long-term sustainability of its current high-take-rate collateral staking revenue model.

article-image

LBTC and sBTC integrations unlock new DeFi yields for BTC holders

article-image

The Breakdown becomes your central hub for insightful, daily crypto macro analysis

article-image

What was a cool $500,000 would now be worth more than $7 million

article-image

Mersinger’s final day at the CFTC will be May 30

article-image

Squads CEO Stepan Simkin explained why the firm launched Altitude and how he’s thinking about stablecoins

article-image

Sponsored

Instead of endless wallet popups, users could connect once, set clear rules, and delegate permission to an app or to an AI agent.