Following a complete collapse in the value of $NORMIE due to a smart contract breach, the Normie memecoin team is considering engaging in discussions with the alleged hacker in hopes of reclaiming 90% of the pilfered assets. This deliberation triggered a rapid decrease of $41.7 million in market capitalization within a mere three-hour timeframe.
In response to the hacker’s proposal to return 90% of the Ethereum stolen, a plan is in motion to introduce a new token for reimbursing affected holders. Allegedly, the NORMIE team has agreed to the terms of ‘no retaliation’ and reimbursement for holders.
NORMIE Hit by Flash Loan Attack, Team Negotiates Return of Stolen Funds
On May 26, an assault using flash loans targeted the $NORMIE memecoin initiative on the Base blockchain, capitalizing on a vulnerability within its contract tax mechanism. This breach empowered the attacker to borrow a significant sum of cryptocurrency sans collateral, manipulate the token supply, and settle the loan in a single transaction.
The swiftness inherent in blockchain transactions facilitated this assault, triggering a swift surge in NORMIE’s token supply. As a result, the token’s value nosedived by more than 99%, slashing its market capitalization from $40 million to less than $200,000.
In the early hours of the morning, the Normie project team disclosed that the hacker had reached out to them, offering to return 90% of the pilfered funds. Despite this agreement, NORMIE’s value had plummeted by 96% following the exploit. Blockchain analysis firm Lookonchain identified both the exploit and the hacker’s proposal through an on-chain message directed to Normie’s deployer address.
The Normie team agreed to the hacker’s terms for fund recovery, which entailed utilizing the returned assets along with $2.3 million from their development wallet to initiate a new token for compensating NORMIE holders. In an official statement, the team directly addressed the hacker:
“To the Exploiter, we accept your proposition to return 90% of the exploited $ETH. You may retain 10%, and there will be no retaliatory actions.”
Upon making this declaration, the team’s primary account on X (formerly Twitter) was suspended. They then resorted to communicating through a new account on X, announcing intentions for a relaunch once access to their main account was regained and the returned funds were secured. However, this temporary account was also suspended shortly thereafter.
The hacker reiterated the terms, underscoring that the token relaunch must precede the return of funds:
“The dev wallet amassed significantly more than I did during this exploit, and I have no other means to ensure that those funds are appropriately utilized.”
NORMIE Holders Express Concerns Amid Silence from Project Post-Hack
Following the suspension of their X handles, some cryptocurrency users have voiced concerns about the NORMIE team’s silence. One user noted that the team had “blocked messages on Telegram” and provided “very little information” about their plans. Speculations have arisen among users about the possibility of the hack being an “insider job.”
NORMIE emerged during a surge in memecoin popularity on the Base blockchain in March 2024, reaching its pinnacle market cap of $130 million on April 2, as per CoinGecko. However, at 3:55 am UTC on May 26, the token’s value plummeted by over 92% to $0.0032 within an hour.
The price experienced a further decline of 99.5% after two and a half hours, briefly spiking to $0.019 before resuming its downward trajectory to $0.0016 at the time of writing, marking a staggering 96% plunge. Although the market cap initially plummeted from $41.9 million to a mere $200,000, there has been a slight recovery since then.
Quick Intel, an on-chain scam detection tool, reported that approximately 72,000 NORMIE holders were impacted by the exploit. It was mentioned that the vulnerability had been identified in March, although the extent of losses incurred by token holders remains unclear. The NORMIE team has yet to confirm the precise number of affected users.
In response, they have urged affected token holders to register for a snapshot to facilitate compensation:
“If you were affected in the latest exploit, you may now register for the snapshot. We will be accepting entries until the end of May. Everyone who was a holder and registered will receive an airdrop on the new contract.”