SlowMist: Fours.meme token exploited by hackers to steal liquidity through pre release vulnerabilities

According to SlowMist monitoring, Four.me token was exploited by attackers to steal liquidity through a pre release vulnerability, as reported by Golden Finance. The attacker uses the 0x7f79f6df function of Four.me to purchase a small amount of tokens before the token release, and uses this feature to send the tokens to the PancakeSwap trading pair address that has not yet been created. This allows attackers to create trading pairs and add liquidity without the need to transfer tokens that have not yet been released, bypassing the transfer restriction before the release of the Fours.meme token (MODE_TRANSFER-RESTICTED). In the end, the attacker added liquidity at an unexpected price and successfully stole the liquidity of the fund pool.