- Amount Lost: $3,500,000.00
- Funds Returned: $0.00
- Category: Gaming / Metaverse
- Date: 2022-8-7
Quick Summary
Play-to-earn game Dragoma was rug pulled by its team, for $3,500,000 $USD.
**
Details of the Exploit**
Dragoma is an application with built-in GameFi and SocialFi elements. In the game, users were invited to form dragon training teams and receive rewards for their breeding, training, and competitions.
The project team drained the funds of its investors and withdrew the funds to a centralized exchange. The initial token holder EOA drained the pools after receiving 38,000,000 $DMA tokens from the project's vault contract with unverified source code. The token transfer transaction was initiated by the token deployer. As soon as they closed the project without announcing their community, they doubled the suspicion that the project is a scam by deleting their website, as well as all social networks. As the news about the scam spread among the community, the price of the token itself also collapsed, falling to 99%.
Block Data Reference
Attacker address:
https://polygonscan.com/address/0x4c0ce1c7d8f51fd2878c01806385f0c647db595d
Vault contract:
https://polygonscan.com/address/0xcec6540bf275328d962ea02e5e0fdff504cb3929
Token transfer transaction:
https://polygonscan.com/tx/0x70ce1369d3b7f95d872e65d1d38786889a958e12c7cfe7933e4d9559437129d2
Drain transaction example:
https://polygonscan.com/tx/0x7bbe8cc7ccc635b8e66ba47d757a51c61aad2ad423a6e3c85806c21bdb348c30
Proof Links: