Popular Base Memecoin Normie Exploited, Reportedly Strikes 'No Reprisals' Deal With Hacker

Normie token — $NORMIE is a popular memecoin on Ethereum layer 2 network Base. Normie Website/Screenshot

KEY POINTS

The exploit almost entirely wiped the memecoin's market value of around $40 million within a minute
The hacker offered to return 90% of the stolen Ether on the condition that a new token is launched to refund holders
$NORMIE team reportedly accepted the 'no reprisals' and holder reimbursement offer

NORMIE, a popular memecoin on Ethereum layer 2 network Base, suffered a flash loan attack Sunday that made the token's multimillion-dollar value plummet by over 99%.

Substack publication Wu Blockchain wrote on X (formerly Twitter) Sunday that the attacker "used a loophole in the contract's tax mechanism to conduct a flash loan attack" that resulted in the token's price plunging by over 99% within just a minute. Wu Blockchain added that NORMIE's market cap was $40 million before the exploit. As of writing, the memecoin's market capitalization is only at over $435,000, according to CoinGecko.

Memecoin Normie was attacked, and its price plummeted by more than 99% in one minute, with its market value falling from $40 million to less than $200k. The supply of Normie has been significantly increased, and the attacker used a loophole in the contract's tax mechanism to…
— Wu Blockchain (@WuBlockchain) May 26, 2024

Blockchain analytics firm Lookonchain revealed that the exploiter has reached out to the team behind Normie. "I offer to return 90% of the exploited ETH (Ether), keeping 10% as a bug bounty (with no reprisals)." The exploiter also said the funds to be returned, along with 600 Ether worth around $2.3 million based on current prices, should be used "to fairly launch a new token that is used to reimburse Normie holders," as per a screenshot of the message.

The $NORMIE exploiter sent a message to Normie Deployer.

The condition for returning 90% of the exploited ETH is that it and the 600 $ETH in the developer's wallet are used to fairly launch a new token to reimburse $NORMIE holders.https://t.co/vmrXdgFMa2 pic.twitter.com/L7UkVbxZOe
— Lookonchain (@lookonchain) May 26, 2024

The Normie team has reportedly accepted the hacker's offer. "You may keep 10%, no reprisals. All $ETH from the normie dev wallet will be used to rectify this situation and assist in our relaunch," the development team wrote on X. However, the team's main account has since been suspended. A temporary account has also been suspended.

On-chain scam detecting tool Quick Intel claimed that a total of 72,000 NORMIE holders were affected by the exploit, which it said had previously been detected in March. However, it is unclear how much the token's holders actually lost in the incident and the team has yet to confirm the number of affected users.

🚨 ALERT!

72,000 $NORMIE holders were hit by smart contract vulnerabilities last night! ShadowShield detected this vulnerability back in MARCH.

This is why we exist - to show you what the smart contract really says.

No one deserves to be scammed. pic.twitter.com/AbtsIPqyji
— Quick Intel (@quickintel_ai) May 26, 2024

The NORMIE exploit follows about a week after Pump.fun, a memecoin deployer on the Solana blockchain, was exploited for nearly $2 million after the exploiter carried out flash loan attacks.

Pump.fun said the system breach was carried out by a former employee who "illegitimately" accessed the coin factory's withdrawal authority. Trading was paused for around two hours and the team said contacts have been upgraded to prevent further attacks.

Some cryptocurrency users on X (formerly Twitter) have raised concerns about the team's silence following the suspensions of their X handles. One user said the NORMIE team "blocked messages on Telegram" and there is "very little information" on their plans moving forward. Several users also asked whether the hack was an "insider job."