Tolu is a cryptocurrency and blockchain enthusiast based in Lagos. He likes to demystify crypto stories to the bare basics so that anyone anywhere can understand without too much background knowledge. When he's not neck-deep in crypto stories, Tolu enjoys music, loves to sing and is an avid movie lover.
The Kokomo Finance protocol has been found to be an elaborate exit scam after developers used wrapped Bitcoin to steal user funds worth $4M.
According to reports, developers behind crypto lender Kokomo used Wrapped Bitcoin (wBTC) to perpetuate a $4 million exit scam. A CoinDesk report alleges developers pulled off the scam over the weekend after manipulating tokens to steal millions in user funds. The report further stated that these developers attacked the smart contract of wrapped Bitcoin token cBTC, from KOKO’s primary address. KOKO is the native digital currency of the Optimism-based lending protocol Kokomo Finance.
Kokomo tokens plummeted 95% within minutes following the exit scam, with the platform’s social media presence vanishing.
Security firm CertiK stated that the deployed attack contract plucked users’ funds from the platform through a smart contract loophole. In a Twitter thread, CertiK explained:
“The deployer of KOKO Token, address 0x41BE, deployed attack contract cBTC. Then set the reward speed, paused the borrow, and set the implementation contract into a malicious one.”
CertiK further broke down the transfer process deployed by the attacker to pillage the funds. According to the Web3 blockchain and smart contract security firm:
“Since the implementation contract has been upgraded to the malicious cBTC contract, the attacker called 0x804edaad method to transfer sonne WBTC to address 0x5C8d. Finally, the address 0x5C8d.. swapped 7010 sonne WBTC to 141 WBTC (~4M) for profit.”
CertiK also described the Kokomo exit scam as the most significant incident detected on Optimism.
Recent screen grabs show that Kokomo Finance had more than $2 million locked in before its staggering value descent. Furthermore, separate data revealed that more than 72% of the total value locked (TVL) in the protocol was in the form of wBTC.
Before the scam, Kokomo facilitated trading, borrowing, and lending of several digital currencies. In addition to Wrapped Bitcoin, these tokens include Ether (ETH), Tether (USDT), USD Coin (USDC), and Dai (DAI). The platform quickly gained favor among users as an open-source and noncustodial lending Optimism protocol.
Exit scams happen when developers or promoters of crypto projects market seemingly legitimate projects to investors, only to disappear thereafter. Usually, this disappearance, in form of liquidity cessations and online/offline scrubbing, occurs after the developers secure significant funds.
The Kokomo exit scam is the latest among a growing number of attacks centered on the evolving crypto market. In recent years, exit scams (or rug pulls) have proven to be a popular way for scammers to pilfer hard-earned user funds.
Last year, the Commodity Futures Trading Commission (CFTC) brought action against the founder of South Africa’s Mirror Trading International Proprietary Limited (MTI). The CFTC accused Steynberg of fraud, misappropriation, and misrepresentation after discovering MTI was a Ponzi. The Commission said Steynberg had amassed at least 29,421 BTC, worth about $1.7 billion at the time. The CFTC described the case as the single “largest ever fraud scheme case involving Bitcoin.”