Feed Every Gorilla (FEG) SmartDeFi Wormhole Bridge Exploit

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Revision as of 13:42, 31 January 2025 by Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/feedeverygorillafegsmartdefiwormholebridgeexploit.php}} {{Unattributed Sources}} thumb|Feed Every Gorilla Logo/HomepageFeed Every Gorilla (FEG) is a decentralized finance (DeFi) project built around a single token supply, with a focus on security, transparency, and community involvement. The project launched via the SmartDeFi™ Token Launchpad, which su...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from an original repository. While the original content had a similar format, some sections may not have been fully completed. Please help fill in any empty sections or any missing information you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Feed Every Gorilla Logo/Homepage

Feed Every Gorilla (FEG) is a decentralized finance (DeFi) project built around a single token supply, with a focus on security, transparency, and community involvement. The project launched via the SmartDeFi™ Token Launchpad, which supports multi-asset backing, adaptive tokenomics, and tokenless presales. FEG also enables real-world asset tokenization and has developed tools like the FEGtrack app for easy access to project data. However, a significant exploit occurred starting December 5th, 2024, involving a vulnerability in the wormhole bridge, resulting in losses estimated at $1 million. Despite continuing to promote the token, the FEG team did not acknowledge the exploit until December 29th, 2024. They later offered a buyback program for users who purchased tokens after the exploit, providing refunds and a 25% bonus. After addressing the issue and stabilizing the ecosystem, FEG announced its official relaunch on January 18th, 2025.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20]

About Feed Every Gorilla (FEG)

Feed Every Gorilla (FEG) is a decentralized crypto project designed to provide a unique ecosystem built around a single token supply. The FEG token serves as the foundation for the entire SmartDeFi platform, supporting its various features such as cross-chain compatibility, advanced token creation, and asset-backed tokenization. With a strong emphasis on security, transparency, and community involvement, FEG aims to offer users a secure and sustainable way to engage with decentralized finance. The token is tradable across multiple blockchains, including Ethereum, BNB, and BASE, and is listed on top exchanges.

"a community-driven, innovative DeFi project committed to transparency, long-term sustainability, and inclusivity. By prioritizing security, ethical practices, and empowering users through accessible financial tools and opportunities, FEG aims to revolutionize decentralized finance and foster a thriving, trustworthy ecosystem."

FEG (Feed Every Gorilla) is a dedicated decentralized finance (DeFi) project that includes the next-generation Token Launchpad, SmartDeFi™, which has been rigorously audited for security and performance. Initially deployed on the BNB blockchain, FEG has ambitious plans to expand its reach to multiple EVM-compatible chains, increasing accessibility and interoperability within the DeFi space. FEG aims to provide a robust ecosystem with features designed to enhance investment strategies and simplify the launch and management of tokens.

The SmartDeFi™ Token Launchpad is one of FEG's core innovations, designed to support a variety of investment strategies. It offers multi-asset backing, allowing tokens to be backed by assets like BNB, USDC, and more. Investors can redeem tokens by burning them for their asset-backing value, provided it's competitive with market prices, or take advantage of interest-free loans with a 30-day repayment period. The platform also includes adaptive tokenomics, which allows projects to modify their token structures to align with evolving goals or market strategies, with a built-in security delay to protect investors. Furthermore, the integration of RFI (Reflect Finance) technology improves functionality by giving projects the choice between RFI or Non-RFI setups, enhancing investment outcomes.

A key feature of the SmartDeFi™ launchpad is its tokenless presale model, a pioneering approach where investors contribute to liquidity and receive an equivalent dollar value in tokens, which are held by the contract. When investors withdraw, they get their new value in BNB, while the corresponding tokens are burned, helping to preserve market price stability and enhance the security of the presale process. During this time, investors also earn DEX liquidity provider fees, adding an additional layer of incentive. Additionally, FEG supports real-world asset tokenization, allowing users to tokenize physical assets like real estate or commodities, with dividends distributed through its fully-audited staking protocol, creating a deeper connection between the digital and physical worlds.

For users seeking easy access to project data and market updates, FEG has developed the FEGtrack app, available on both Android and iOS. This app offers project data, charting, and market news, making it easier for users to stay informed about their investments. FEG also provides a custom trading and charting platform where tokens from the launchpad can be traded. This platform routes through popular decentralized exchanges like UniSwap and PancakeSwap and integrates tools from TradingView, ensuring users have access to comprehensive trading features. Through these offerings, FEG is positioning itself as a powerful tool for both new and experienced investors in the DeFi space.

The Reality

The FEG token smart contract contained a security issue, specifically involving the wormhole bridge and potentially compromising token transactions.

What Happened

"The FEG project suffered an attack resulting in a loss of approximately $1 million."

Key Event Timeline - Feed Every Gorilla (FEG) SmartDeFi Wormhole Bridge Exploit
Date Event Description
December 5th, 2024 12:34:52 PM MST FEGToken Smart Contract Exploit The FEGToken smart contract is exploited with the first transaction.
December 5th, 2024 2:08:00 PM MST Biconomy Listing Announced FEG announces that Biconomy will list FEED EVERY GORILLA ($FEG) and open the FEG/USDT trading pair at 16:00 UTC on December 9, 2024. Deposits and withdrawals will be available starting at 12:00 UTC on the same day. For more details, you can visit the FEG website at feg.io.
December 5th, 2024 6:58:00 PM MST TenArmor Alert Posted TenArmor Security issues an alert about a suspicious attack involving the FEG fBNB Token on the BSC network, resulting in an estimated loss of $5.5K.
December 7th, 2024 11:54:00 AM MST Bitcoin Back About $100k The FEG team reposts about how bitcoin is back up above $100k.
December 28th, 2024 1:21:00 PM MST Last Post Before Announcement In their last post before the exploit, FEG announced a daily quiz competition offering participants the chance to win $100 in CDF tokens. The competition encourages users to test their crypto knowledge against the community, with the prize varying each week. This week's prize is $100 worth of CDF tokens, a unique and limited token with only 1,000 in existence. CDF tokens provide holders with VIP access to SmartDeFi features, such as controlling charts, using promotional tools, and unlocking the SDMarketCap platform's capabilities. The quiz competition would be held in the Telegram main chat, with the next round starting in 30 minutes.
December 29th, 2024 12:12:00 AM MST FEG Token Update Posted The FEG Token team posted an update regarding irregular transactions, stating that FEGrox is investigating the issue with help from PeckShield to determine the cause. They acknowledge the frustration this has caused, as the team has dedicated years to building the project. Centralized exchanges have been alerted to halt trading, and further updates will be shared. The initial investigation points to a vulnerability in the wormhole bridge, which had been previously audited, and the audit report is available. The SmartDeFi contract code seems unaffected, although the protocol has been paused for precaution. The team continues to investigate and appreciates the community's patience and support.
December 30th, 2024 8:18:00 PM MST Update And Buy Backs FEG posts an update thanking the community for their patience and understanding during the recent issue. After discussions with the team and community, they have a plan to move forward but are asking for help to complete the first step. If you purchased tokens after the exploit, FEG requests that you send them back to avoid losing your funds. In return, they will buy back the tokens at the original purchase price, plus a 25% bonus as a reward for loyalty. This buyback offer is time-sensitive, with a 48-hour window to return the tokens. After that, no buybacks will be available.
January 3rd, 2025 12:49:00 AM MST FEG Working Towards Relaunch FEG posted a community update expressing gratitude for the progress made toward the $FEG relaunch. They thanked @FEGrox for his relentless efforts in recovering the backing from all three chains and for disabling the bridge on-chain to prevent further issues, helping stabilize the ecosystem. The team also acknowledged the ongoing work of their developers on SmartDeFi.com and FEGbot, which are crucial for the relaunch. Special thanks were given to team members like @cosbo, @aLex_the_ape, and others for their meticulous work reviewing on-chain transactions, ensuring transparency and accuracy. Additionally, efforts on centralized exchange discussions and partnerships were recognized for their role in expanding FEG's reach. Finally, the community's patience and support were appreciated, with the team assuring that FEG is nearing its relaunch with more updates coming soon.
January 17th, 2025 3:12:00 AM MST FEG Relaunch Announced "We’re thrilled to announce that $FEG will officially go live on Saturday, the 18th, at 9:00 PM EST (2:00 AM UTC on Sunday, the 19th)."
January 18th, 2025 9:00:00 PM MST FEG Relaunch Is Live "The Gorilla is BACK, and the FEG ecosystem is thriving. Secure your spot now!"

Technical Details

"Analysis suggests that the root cause of the incident appears to be a composability issue arising from the integration with the underlying Wormhole cross-chain bridge, which facilitates cross-chain message and token transfers."

Total Amount Lost

Losses were estimated at $1m USD.

The total amount lost has been estimated at $1,000,000 USD.

Immediate Reactions

After the FEGToken smart contract exploit on December 5th, 2024, the FEG team did not acknowledge the issue publicly for 25 days, despite continuing to post promotional content about the token during this period. On December 5th, they announced the listing of $FEG on Biconomy, with a trading pair opening on December 9th, and posted updates about bitcoin’s price. They also ran a daily quiz competition and promoted the unique CDF tokens, offering rewards in the form of these tokens, which provided VIP access to SmartDeFi features.

Ultimate Outcome

It wasn’t until December 29th, 2024, that FEG made an official statement regarding the exploit. In this update, they confirmed that the issue was due to a vulnerability in the wormhole bridge, which had previously been audited. The team acknowledged the frustration caused by the exploit and the delay in communication, explaining that they were working with PeckShield to investigate the root cause. They also clarified that the SmartDeFi contract code was not compromised but had been paused as a precautionary measure.

On December 30th, FEG offered a buyback program to users who purchased tokens after the exploit, allowing them to return the tokens for a refund at the original purchase price, plus a 25% bonus, within a 48-hour window. Despite the lack of immediate acknowledgment, the team continued to work on stabilizing the ecosystem and preparing for a relaunch.

Finally, on January 3rd, 2025, FEG posted an update expressing gratitude to the community for their patience and outlining the progress made toward the relaunch. They confirmed the official relaunch date for January 18th, 2025, marking the return of the $FEG token and the revitalization of the ecosystem.

Total Amount Recovered

FEG has offered a buyback program for users who lost funds due to the exploit. If users purchased tokens after the exploit, FEG is asking them to send the tokens back within 48 hours. In return, FEG will buy back the tokens at the original purchase price and offer an additional 25% bonus as a reward for their loyalty. This buyback program was time-sensitive, and after the 48-hour window, users losses were permanent.

There do not appear to have been any funds recovered in this case.

Ongoing Developments

The relaunched FEG token continues to operate.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. FEG Token - "FEGrox is actively investigating the irregular transactions and has engaged PeckShield for additional support in uncovering the root cause." - Twitter/X (Accessed Jan 31, 2025)
  2. PeckShield Audit Report (Accessed Jan 31, 2025)
  3. Feed Every Gorilla (FEG) Homepage (Accessed Jan 31, 2025)
  4. https://flooz.xyz/FEGtoken (Accessed Jan 31, 2025)
  5. Introduction | FEG x SmartDeFi™ (Accessed Jan 31, 2025)
  6. FEG - "Join the daily quiz competition where you can put your crypto knowledge to the test against the best (and worst!) in our community." - Twitter/X (Accessed Jan 31, 2025)
  7. @FEGtoken Twitter (Accessed Jan 31, 2025)
  8. @FEGtoken Twitter (Accessed Jan 31, 2025)
  9. @FEGtoken Twitter (Accessed Jan 31, 2025)
  10. @FEGtoken Twitter (Accessed Jan 31, 2025)
  11. @FEGtoken Twitter (Accessed Jan 31, 2025)
  12. @FEGtoken Twitter (Accessed Jan 31, 2025)
  13. @FEGtoken Twitter (Accessed Jan 31, 2025)
  14. @FEGtoken Twitter (Accessed Jan 31, 2025)
  15. @FEGtoken Twitter (Accessed Jan 31, 2025)
  16. FEG - "We’re thrilled to announce that $FEG will officially go live on Saturday, the 18th, at 9:00 PM EST (2:00 AM UTC on Sunday, the 19th)." - Twitter/X (Accessed Jan 31, 2025)
  17. FEG - "The Gorilla is BACK, and the FEG ecosystem is thriving. Secure your spot now!" - Twitter/X (Accessed Jan 31, 2025)
  18. @TenArmorAlert Twitter (Accessed Jan 31, 2025)
  19. Suspicious Transaction Reported By TenArmor (Accessed Jan 31, 2025)
  20. The FEGToken Exploiter - BSCScan (Accessed Jan 31, 2025)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Feed_Every_Gorilla_(FEG)_SmartDeFi_Wormhole_Bridge_Exploit&oldid=6505"