On Friday, March 5th, $PAID plunged by nearly 90% after an unknown attacker minted over 59.4 million tokens. It is reported that it was a hacker, but many now speculate an inside job caused the fall.
Paid Protocol was shilled by major crypto influencers, including Ivan on Tech and Scott Melker, before becoming a shitcoin. The token went from $2.80 to $0.30 in a matter of minutes.
One of the weird things about this story is the attacker didn't fully cash out; the attacker could have made $180 million if he just swapped all of his $PAID in his wallet. The attacker decided only to swap out $3.1 million of ETH and let the rest of the $PAID in the wallet.
Summary of $PAID incident:
— vasa (@vasa_develop) March 5, 2021
Total PAID swapped to WETH: 2079.603371141493
= $3,104,887.33
Total PAID left in account: 594,717,455.71
= $24,313,147
Total amount in attacker account = $27,418,034.33
Stay Safe. pic.twitter.com/Lz93qGKAq0
Was this a hack or a rug?
Twitter account WARONRUGS tweeted out a scam advisory about $PAID back in late January, saying the owners could mint tokens at will.
❌ Scam Advisory #86- PAID Network $PAID (0x8c8687fC965593DFb2F0b4EAeFD55E9D8df348df)
— #WARONRUGS❌ (@WARONRUGS) January 25, 2021
Reason: The owner can mint tokens and did mint tokens to fresh wallets who never bought the presale. Contract is behind a proxy.
Likeliness of losing all funds: Very High
DYOR. #WARONRUGS❌ pic.twitter.com/YQunjpWuxY
There is growing evidence that this was rug pull and not an attack as Paid Protocol claims. WARONRUGS says, "Paid deployer transferred the ownership of the proxy contract to another wallet, which then changed it with a malicious one that can rug." This would mean someone inside knowingly transferred the smart contract that could mint new tokens to the attacker and drawn suspicion to Paid Protocol.
🚨 We now have evidence that $PAID was an insider attack. Paid deployer transferred the ownership of the proxy contract to the another wallet, which then changed it with a malicious one that can rug (mint function was re-enabled) as we explained before.https://t.co/zJddXw8iU9 pic.twitter.com/Bgh1HeJd7y
— #WARONRUGS❌ (@WARONRUGS) March 6, 2021
Did someone really dump 51 million $ worth of $PAID or was there a rug pull lol...
— Devchart 👨🏻💻 (@devchart) March 5, 2021
This is insane pic.twitter.com/u3IdJACT1E
Basically, what happened in this attack WARONRUGS warned everyone back in January. Since Friday, they have been making memes about this whole situation, and I would recommend checking them out. They're pretty funny.
Let's look at what is coming out from Paid Protocol.
Paid Protocol has denied the claim that this was a rug and has done their own investigation. Down below, you can read what Paid Protocol claims to have happened:
Paid Protocol does plan on taking a snapshot and restoring everyone's balance before the attack. If they are going to follow through with this, it would be like what happened with Cover Protocol back in December.
We are investigating the issue. We pulled liquidity, are creating a new smart contract, & will be restoring everyone's original balances to before the hack.
— PAID NETWORK (@paid_network) March 5, 2021
Those with staked, Lpool & UniFarm $PAID will have their tokens be sent to them manually.
We will share more updates soon
If this was a rug pull or a hack it was still a failure on Paid Protocol Many people lost tons of money and this is a reminder to keep your DEFI investments diversified and to listen to WARONRUGS.
