BlueMove DEX has reported a significant incident involving the loss of approximately $500,000 in SUI tokens from its locked liquidity pools. The event, which occurred last weekend, has triggered discussions among users regarding the possibility of an insider job.

Tyler Simpson, founder of Quantum Void Labs, initially posted screenshots indicating that over 700,000 SUI tokens were drained from BlueMove’s pools, claiming that the firm was responsible for a nefarious act. However, later statements from Simpson suggested that the platform had created a vulnerability, allowing for this exploit to occur.

Details of the Incident

Simpson pointed out that BlueMove had implemented a package on May 31 that seemingly set the stage for the exploit. According to him, this package integrated immutable functions like "add_liquidity_returns" and "double-mint LP inflation," which became a part of the exploit timeline, occurring over 40 days later. He characterized the event as a "delayed rug pull," indicating a premeditated act rather than coincidental exploitation.

In response, BlueMove has firmly denied allegations of wrongdoing, attributing the loss to an attacker who exploited an arithmetic overflow bug in the legacy Automated Market Maker (AMM) contract. This bug has reportedly existed since at least 2023, with BlueMove stating that an upgrade insufficiently addressed the issue, thus preventing further fixes.

BlueMove's Response and Next Steps

BlueMove communicated that the UpgradeCap, which was burned on June 3, has left them without an on-chain path to patch or disable the vulnerable version of the software. As the situation stands, they have indicated that any fix will necessitate either an independent admin capability or a complete migration to a new audited package.

In an effort to negotiate with the hacker, BlueMove reached out to the associated crypto address offering a white hat bounty deal: a 30% reward for the hacker if they returned 70% of the drained funds within 48 hours. Failure to comply would result in the firm pursuing all available legal and recovery routes.

To assuage concerns amid ongoing investigations, BlueMove has promised to compensate all affected users should it not receive a response from the hacker in the stipulated time frame. Furthermore, the operation of the firm is currently suspended as it navigates through this tumultuous episode.

This article is for informational purposes only and should not be considered financial advice.