After a 100% plunge in the price of $NORMIE following a smart contract exploit, the Normie memecoin team mulls negotiating with the accused hacker to recover 90% of the stolen funds, causing a $41.7 million drop in the market cap in under three hours.
The hacker offered to return 90% of the stolen Ether, so a new token will be launched to refund holders. The NORMIE team reportedly accepted the offer of ‘no reprisals’ and holder reimbursement.
NORMIE Hit by Flash Loan Attack, Team Negotiates Return of Stolen Funds
On May 26, a flash loan attack targeted the $NORMIE memecoin project on Base blockchain, exploiting a vulnerability in its contract tax mechanism. This breach enabled the attacker to borrow a large amount of cryptocurrency without collateral, manipulate the token supply, and repay the loan within the same transaction.
The instantaneous nature of blockchain transactions facilitated the attack, causing a rapid increase in NORMIE’s token supply. Consequently, the token’s price plummeted by over 99%, reducing its market value from $40 million to under $200,000.
Early this morning, the Normie project team announced that the hacker had contacted them and agreed to return 90% of the stolen funds. Despite this agreement, NORMIE’s price had dropped by 96% since the exploit. Blockchain analytics firm Lookonchain identified the exploit and the hacker’s offer through an on-chain message to Normie’s deployer address.
The $NORMIE exploiter sent a message to Normie Deployer.
The condition for returning 90% of the exploited ETH is that it and the 600 $ETH in the developer’s wallet are used to fairly launch a new token to reimburse $NORMIE holders.https://t.co/vmrXdgFMa2 pic.twitter.com/L7UkVbxZOe
— Lookonchain (@lookonchain) May 26, 2024
The Normie team accepted the hacker’s terms to recover the funds, which involved using the returned assets and $2.3 million from their development wallet to launch a new token for compensating NORMIE holders. In an official statement, the team addressed the hacker:
“Exploiter, we accept your offer to return 90% of the exploited $ETH. You may keep 10%, no reprisals.”
Following this announcement, the team’s primary account on X (formerly Twitter) was suspended. The team then communicated via a new account on X, announcing a relaunch planned after regaining access to their main account and securing the returned funds. However, this temporary account was also suspended shortly thereafter.
The hacker reiterated the conditions, emphasizing that the token relaunch must precede the return of funds:
“The dev wallet made significantly more than I did during this exploit, and I have no other way to ensure that those funds are used appropriately.”
NORMIE Holders Express Concerns Amid Silence from Project Post-Hack
Some cryptocurrency users on X (formerly Twitter) have expressed concerns regarding the NORMIE team’s silence following the suspension of their X handles. One user reported that the NORMIE team had “blocked messages on Telegram“ and had “very little information” about their plans. Several users speculated whether the hack could have been an “insider job.”
NORMIE was launched amid a surge in memecoin popularity on the Base blockchain in March 2024, reaching a peak market cap of $130 million on April 2, according to CoinGecko. The token’s price declined at 3:55 am UTC on May 26, plunging over 92% to $0.0032 within an hour.
The price further dropped by 99.5% after two and a half hours, with a brief spike to $0.019 before continuing its downward trend to $0.0016 at the time of writing, marking a 96% fall. The market cap, which fell from $41.9 million to a low of $200,000, has slightly recovered since then.
🚨 ALERT!
72,000 $NORMIE holders were hit by smart contract vulnerabilities last night! ShadowShield detected this vulnerability back in MARCH.
This is why we exist – to show you what the smart contract really says.
No one deserves to be scammed. pic.twitter.com/AbtsIPqyji
— Quick Intel (@quickintel_ai) May 26, 2024
According to the on-chain scam detection tool Quick Intel, 72,000 NORMIE holders were affected by the exploit. Quick Intel mentioned that the vulnerability had been detected in March, although it is unclear how much the token’s holders lost in the incident. The NORMIE team has yet to confirm the number of affected users.
Reminder, $NORMIE Holder Refunds are now live 📢
Due to the recent exploit, all holders are being issued a compensatory refund.
Check eligibility and claim your refund on our site below.
👉 https://t.co/RxeOPvKvCy pic.twitter.com/LQjKpnMwRv
— Normie (@RoyalClouds_x) May 27, 2024
They urged affected token holders to register for a snapshot to receive compensation:
“If you were affected in the latest exploit you may now register for the snapshot. We will be taking on entries until the end of May. Everyone who was a holder and registered will be airdropped on the new contract.”
Read the full article here