CertiK Logo
Products
Company
Back to all stories
Blogs
Tiger Incident Analysis
7/19/2022
Tiger Incident Analysis

TL;DR:

On 2022-07-15 09:50:19 EST, TIGER project’s liquidity was removed resulting in a > 50% slippage from a rugpull that happened in early June. The total loss from this rug is estimated at approximately $4.518M .

Event Summary:

On June 2nd 2022, the TIGER token dropped over >50% when tokens started being sold over many days. The last sale transaction ended on June 22, 2022.The project rug pulled approximately $4.518M worth of assets or a total of about 64,171 TIGER tokens that were sold across three accounts. The TIGER traffic platform is the first public chain platform of DAO mechanism developed by the international DAO organization in the form of donations to support the global technical team.It aims to protect wild animals and protect the ecological environment. TIGER Forest King” is an application combination of Gamefi+NFT+DeFi+Forest. Players can simulate tree planting on the chain, harvest ecological rewards, and auction the game. A variety of NFT assets (plots, trees, wildlife, etc.) At the same time, users consume equivalent TIGERs according to their favorite tree species, cast tree NFTs, and name the NFT trees or animals they own to achieve social interaction. Users can also list and sell NFTs on the trading platform.

Rugpull Address: 0xff4… Profit receiver address: 0x2b7…

Attack Technical Analysis:

Initial token distribution:

When deploying TIGER token, 20M TIGER was sent to address 0xb52… and 500K Tiger was sent to address 0xff4…

JkSc8dMTInas2CkbuyXyOyNZ4jz9DwCwuYf3uJf4xM4sDF4lNvgqf8b-JSSpqhxS7O3-w-b4GdxJaur9HS08qEIdvWKCoLoYqLnOjZ5dZuoTg6CRqdFESBYUEDSunXdPQoYTiaIOBmQSg9Jbr5a79KY

Address 0xff4… ( Rugpull Address)

YTLeIZM25SD w5LRtbiMMKJ3v ICIdyGnNLbeizAGJPzIppYODjRNlea8dRHC0XuyrTLRxsLg9jLfo5ua1qVdonzj0ZD-nIrIIzJBG0c9ulyoUnS5RjqjQYRuaryzJx6vumbBWyZgutbbrn-rdPR4kQ

The attacker transferred 35K to address 0x151… a) who added the token and 1M BSC-USD as liquidity to the pool in the transaction 0x7dcOMTxuWvXW6Zav 84W7XZvruWx853PifEshfHjEvrF0GYhso L7e0qCsiaTsMGJkdhcgWr4 iXwXORmnw7xZA84Mx3g873xAyaCGNmoxS9 3Z8lUyzbI5kKthazhtu8xzipfSkKne1fBv6H153l7dyE

b) Removed liquidity for 1.5M BSC-USD in the transaction 0xd72… c) Swapped BSC-USD for TIGER: 0x151

190K TIGER was transferred to address 0xbdc… and burnt and another 190K TIGER was transferred to address 0xe15… and stayed in the address

The address 0xff4… added 2.6M BSC-USD liquidity to the pool: Transaction 0x1465… added 1.5M BSC-USD Trasaction 0x15f7…added 0.5 M BSC-USD Transaction 0xcca… added 0.6 M BSC-USD

Lastly, the address 0xff4… removed the liquidity for 2.2M BSC-USD 0xc03… and transferred 10k tokens to address 0x2d6… That last address sold off a total of ~23,067 tokens after adding and removing liquidity.

Address 0xb52… 18M TIGER was transferred to address 0xe40… and stayed in the address 150K was transferred to address 0x26d… and stayed in the address. 18K was transferred to address 0x22b… and delivered to different addresses. 31K was transferred to address 0x50d… and delivered to different addresses. 2M was transferred to address 0x4ea… and stayed in the address.

Profit and Assets tracing:

For address 0x151… : The address' initial fund was 1M BSC-USD and added it as liquidity. The attacker eventually removed the liquidity and sent ~1.3M BSC-USD to address 0x2b7f

For address 0xff4… : The address swapped TIGER tokens for a total of 2.8M BSC-USD, and added the swapped 2.6M BSC-USD of it as liquidity in the pool. Finally, it removed liquidity and sent 2.2M BSC-USD to 0x2b7

The total amount of tokens sold off between the three addresses 0x15, 0xff49, and 0x2d6 are roughly 64,171 tokens, equating to a USD amount of approximately 4,517,455 USD. This is an accumulation of selling and removing liquidity profits.

Conclusion:

This issue can be found as an initial token distribution and falls under a centralization risk. Initial token distributions such as this one can leave investors susceptible to rug pulls and sudden price drops. CertiK audits pick up on these vulnerabilities and can help people do their own research before investing into a token. You can check our Leaderboard on our website for more information on tokens that have been audited by us to help you DYOR.