$4 000 000 USD

MARCH 2023

GLOBAL

KOKOMO FINANCE

DESCRIPTION OF EVENTS

"Kokomo Finance [was] an open source and non-custodial lending protocol on Optimism and Arbitrum."

 

"Kokomo Finance, an open source and non-custodial lending protocol. Enter http://kokomo.finance to lend, borrow and earn $KOKO here. A 14-days genesis mining starts now with a decent APR!"

 

"Hola Degen! After a long research, found a permission-less lending protocol to help the user to lend and borrow digital assets. The name of protocol is - @KokomoFinance which is built on @optimismFND. Now let's jump to some depth of this protocol"

 

"The project’s audit, conducted by 0xGuard, covered just the token contract, rather than the protocol at large."

 

"1/ The deployer of KOKO Token, address 0x41BE, deployed attack contract cBTC. Then set the reward speed, paused the borrow and set the implementation contract into a malicious one.

 

2/ Address 0x5a2d… approved the cBTC contract to spend the 7010 sonne WBTC.

 

3/ Since the implementation contract has been upgraded to the malicious cBTC contract, the attacker called 0x804edaad method to transfer sonne WBTC to address 0x5C8d.

 

4/ Finally, the address 0x5C8d.. swapped 7010 sonne WBTC to 141 WBTC (~4M) for profit."
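
The sequence in steps 1/ to 4/ (implementation swap by the deployer, pause, then a large outflow) can be expressed as a monitoring rule over decoded on-chain events. The following is an added example, not code from Kokomo Finance or from the quoted analysis; the event labels, block numbers, window and threshold are assumptions, and the sample events are constructed from the truncated addresses in the write-up.

```python
from dataclasses import dataclass

@dataclass
class Event:
    block: int
    kind: str           # assumed labels: "upgrade", "pause", "approval", "transfer"
    market: str         # market contract the action went through
    actor: str          # sender or recipient (truncated, as in the write-up)
    amount: float = 0.0

# Constructed sample: block numbers are invented; names and amounts follow steps 1/ to 4/.
SAMPLE = [
    Event(100, "upgrade", "cBTC", "0x41BE"),
    Event(100, "pause", "cBTC", "0x41BE"),
    Event(101, "approval", "cBTC", "0x5a2d", 7010),
    Event(102, "transfer", "cBTC", "0x5C8d", 7010),
]

def find_upgrade_drains(events, window=50, min_amount=1000):
    """Flag large transfers through a market whose implementation changed
    at most `window` blocks earlier; a pause on that market raises severity."""
    last_upgrade = {}   # market -> (block, admin) of the most recent upgrade
    paused = set()      # markets paused so far
    alerts = []
    for ev in sorted(events, key=lambda e: e.block):
        if ev.kind == "upgrade":
            last_upgrade[ev.market] = (ev.block, ev.actor)
        elif ev.kind == "pause":
            paused.add(ev.market)
        elif ev.kind == "transfer" and ev.market in last_upgrade:
            up_block, admin = last_upgrade[ev.market]
            if ev.block - up_block <= window and ev.amount >= min_amount:
                alerts.append({
                    "market": ev.market,
                    "upgraded_by": admin,
                    "recipient": ev.actor,
                    "amount": ev.amount,
                    "blocks_after_upgrade": ev.block - up_block,
                    "severity": "critical" if ev.market in paused else "high",
                })
    return alerts

if __name__ == "__main__":
    for alert in find_upgrade_drains(SAMPLE):
        print(alert)
```

A rule like this only helps when upgrades are not instantaneous; behind a timelock, the same signal arrives before the outflow rather than two blocks ahead of it.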

 

"The lending protocol had launched on Optimism less than a week ago, and its token, KOKO, less than 36 hours before the rug."

 

"Kokomo Finance took off with approximately $4M, deleting their website, Twitter, GitHub and Medium in the process."

 

"Wrapped Bitcoin deposits were rugged via changes made by the project’s deployer address. Almost $2M of tokens still remain in the project’s pools on Optimism.

 

But with the contracts paused and users unable to withdraw funds, the question remains…

 

…will they be back for the rest?"

 

"Whatever the future holds for Optimism, one thing’s for certain:

 

Kokomo has flatlined."

 

Explore This Case Further On Our Wiki

Kokomo Finance was a newly launched open-source and non-custodial lending protocol built on Optimism and Arbitrum. It allowed users to lend and borrow digital assets, and its token KOKO had a 14-day genesis mining program. The protocol's audit, conducted by 0xGuard, only covered the token contract, not the entire protocol. Within a week of its launch, the protocol was exploited, resulting in the loss of around $4M, and the project's website, Twitter, GitHub, and Medium accounts were deleted. The attacker targeted the wrapped Bitcoin deposits, and even though $2M of tokens still remain in the project's pools on Optimism, the contracts are paused, and users can't withdraw funds. Kokomo Finance is unlikely to recover.


© 2019 - 2026 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.