$10 000 USD

SEPTEMBER 2020

GLOBAL

TOMATOS FINANCE

DESCRIPTION OF EVENTS

"Tomatos Finance claims to be an experiment in using farming to bring stablecoins and potential token closer to farmers."

 

"Hacker triggered simple permission granting and withdrew tokens."

 

"A user was stolen 10,000 DAI due to Tomatoes.finance. It is understood that the main method of the scam is to induce users to approve permission by airdrop."

 

"[M]any others fell victim to these rug pulls or similar scams in other projects like Tomatoes.finance."

 

"The newsletter indicates that a hacker would have triggered a simple authorization and removed tokens. News.bitcoin.com observed that since September 23, there has been no activity on its Medium page."

 

"Users who receive tokens from the DeFi project tomatoes.finance during the airdrop may face the threat of asset loss. The Telegram channel DeFi Leaks issued a warning."

 

"Warning from DeFi Leaks: If you receive the token in your wallet, please do not visit its website and finally approve any contract. It seems that through the approval of the website, their contract permissions can steal your tokens."

 

"The developers of the Tomatos.finance project are expected to make a lot of hype in the DeFi field. They encourage users to participate in profitable agriculture by providing liquidity."

 

"When they visit the site, the potential victim can grant permission to trigger the withdrawal of the token to the third-party address."

 

"At the time of writing, the site and the tomatoes.finance medium account are not yet available."

The "Tomatos" Finance project gained publicity by airdropping tokens into random wallets. When the victim reached the website, they would receive a standard permissions dialog to interact with the smart contract. If they granted permissions, all their funds would be drained.

HOW COULD THIS HAVE BEEN PREVENTED?

The generally open and permissionless nature of the blockchain trains many people not to check the legitimacy of any website or application. Many users join with no education and have no assistance available when they fall victim to an exploit.
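One defensive check for the approval mechanism described above, as an added example (not from the original page or the sources it quotes): it replays ERC-20 `Approval` event logs for a wallet and lists allowances still held by spenders the owner has not vetted. It assumes the permission in question is a standard ERC-20 approval; the addresses and log entries are constructed, and the function names are hypothetical.

```python
# keccak256("Approval(address,address,uint256)"), the ERC-20 Approval event signature
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**256 - 1  # the "infinite approval" value many dApp dialogs request

def topic_to_address(topic):
    """Indexed addresses are left-padded to 32 bytes; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def outstanding_allowances(logs, owner):
    """Replay Approval logs in chain order; return non-zero {(token, spender): value}.
    Spending via transferFrom can lower an allowance without a new event, so treat
    the result as an upper bound and confirm with the token's allowance() call."""
    state = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue  # ERC-721 Approval shares the signature but has 4 topics
        if topic_to_address(topics[1]) != owner.lower():
            continue
        key = (log["address"].lower(), topic_to_address(topics[2]))
        state[key] = int(log["data"], 16)  # later approvals overwrite earlier ones
    return {k: v for k, v in state.items() if v > 0}

def risky_allowances(logs, owner, trusted_spenders):
    """List live allowances held by spenders the owner has not vetted."""
    trusted = {s.lower() for s in trusted_spenders}
    return [
        {"token": token, "spender": spender, "unlimited": value == UNLIMITED}
        for (token, spender), value in sorted(outstanding_allowances(logs, owner).items())
        if spender not in trusted
    ]

def _pad(addr):
    return "0x" + "0" * 24 + addr[2:]

# Constructed sample: placeholder addresses, not real contracts or wallets.
OWNER, TOKEN = "0x" + "aa" * 20, "0x" + "d1" * 20
KNOWN_DEX, UNKNOWN = "0x" + "11" * 20, "0x" + "bb" * 20
SAMPLE_LOGS = [
    {"address": TOKEN, "blockNumber": 100, "logIndex": 0, "data": hex(500 * 10**18),
     "topics": [APPROVAL_TOPIC, _pad(OWNER), _pad(KNOWN_DEX)]},
    {"address": TOKEN, "blockNumber": 105, "logIndex": 2, "data": hex(UNLIMITED),
     "topics": [APPROVAL_TOPIC, _pad(OWNER), _pad(UNKNOWN)]},
    {"address": TOKEN, "blockNumber": 110, "logIndex": 1, "data": "0x0",  # revocation
     "topics": [APPROVAL_TOPIC, _pad(OWNER), _pad(KNOWN_DEX)]},
]

if __name__ == "__main__":
    print(risky_allowances(SAMPLE_LOGS, OWNER, [KNOWN_DEX]))
```

Any allowance this reports can be withdrawn by the owner sending a new approval of zero to the same spender on the same token.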

 


© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.