Normie (NORMIE), a popular meme coin on the Base blockchain, experienced a dramatic 99% price drop on May 26, 2024, after a hacker exploited a vulnerability in its smart contract.
The attack caused the token’s market cap to plummet from nearly $42 million to just $200,000 within three hours.
TLDR
- NORMIE, a Base memecoin, suffered a 99% price drop due to a smart contract exploit
- The hacker offered to return 90% of the stolen funds if the team relaunches the token and reimburses holders
- A trader lost over $1.1 million as their NORMIE investment plummeted to less than $150
- The vulnerability was discovered in March, affecting around 72,000 NORMIE holders
- The attacker called the token’s contract code a “copy-paste” job, lacking thorough review
The hacker manipulated a tax function in the token’s code, allowing them to issue more tokens than the intended 1 billion supply and drain liquidity pools.
In an on-chain message, the attacker offered to return 90% of the stolen funds, keeping 10% as a bug bounty, under the condition that the Normie team relaunches the token and uses the returned funds, along with the $2.3 million in their development wallet, to reimburse NORMIE holders.
Normie’s team accepted the hacker’s offer and is currently negotiating the terms of the relaunch. They have also faced challenges with their social media accounts, as their main X (formerly Twitter) account was suspended.
🚨 ALERT!
72,000 $NORMIE holders were hit by smart contract vulnerabilities last night! ShadowShield detected this vulnerability back in MARCH.
This is why we exist – to show you what the smart contract really says.
No one deserves to be scammed. pic.twitter.com/AbtsIPqyji
— Quick Intel (@quickintel_ai) May 26, 2024
The exploit has had a devastating impact on NORMIE investors. One trader, who spent $1.16 million to acquire 11.23 million NORMIE tokens between March 25 and April 9, saw their investment’s value plummet to less than $150. The trader held the tokens without selling them since the purchase.
According to the creators of the blockchain scam detection tool Quick Intel, approximately 72,000 NORMIE holders were affected by the smart contract vulnerability, which was first identified in March.
In another on-chain message, the attacker criticized Normie’s contract code, calling it a “copy-paste” job that was likely not thoroughly reviewed by the developers before going live.
They noted that similar code is present in other token contracts, with most meme tokens simply copying and pasting from the same small set of contracts, all with overly complicated tax logic in the transfer function.
The Normie exploit highlights the risks associated with investing in meme coins and the importance of thorough code audits before launching a token.