Hi Everyone,

You have no doubt heard rumours of a number of Stellar wallets being

compromised recently or perhaps you were a victim yourself. You probably also
saw that the Afreum AFR token price crashed 98% on 2nd August 2022. The price is
recovering due to an aggressive buy back campaign from our treasury but we are
still down some 70 odd percent. I would like to share with the community our
understanding of what happened.

We have reason to believe that a coordinated attack was mounted against

Afreum. The attack took place as follows:

1. A known bug/exploit in the Stellar ecosystem was used to compromise some

wallet addresses including some minor Afreum-related wallets. Those wallets were
then used to create new accounts to which drained funds were sent before being
converted to XLM and dispatched elsewhere including to Binance.

2. The domain name Afreum.co was registered, duplicating and trading Afreum
assets on the Stellar DEX. This domain redirects to Afreum.com to appear
legitimate.

3. A smear campaign was launched on certain Stellar groups on Telegram, including

the fake Afreum group https://t.me/AfreumPay which attempts to appear
legitimate by linking to actual Afreum assets. The narrative was that the Afreum
website was compromised and that Afreum token holders should transfer their
tokens to new accounts.

4. A very professional operation was launched to steal tokens from Afreum. It all
started with people purporting to be from Binance Innovation Zone and
wanting to list Afreum. A Zoom call with a very senior Binance followed and the
usual listing forms were filled and due dilligence performed. Finally an email
purporting to be from Binance.com confirming the terms of the listing. I AM
ATTACHING THAT EMAIL HERE. The crux of the story is that after much back
and forth just over 738 Million AFR tokens were sent to an address created by
an address that belongs to Binance. Today on 2 August 2022, those tokens
were dumped on the market causing the crash we all witnessed today.
Summary
- We believe a known exploit was used to target a relatively small number of
accounts selected because they held AFR tokens. This was to support the narrative
that Afreum.com was compromised. This raises the question of HOW CAN THE SITE
BE COMPROMISED when we dont store any sercret keys. We have it on good
authority that this exploit on a well known Stellar platform was fixed recently
suggesting that accounts can bo longer be compromised. TO BE ON.THE SAFE
SIDE WE DO RECOMMEND THAT YOU MOVE YOUR TOKENS TO NEW SECURED
WALLETS AND IF YOU HAVE ANY TOKENS IN AFREUM SAVE or AFREUM STAKE
TO MOVE THEM TO SECURE WALLETS UPON WITHDRAWAL. To facilitate this we
will be announcing in the group when withdrawals are being processed allowing you
to act quickly in this regard. We firmly believe that Afreum.com is safe but we
recommend this until our site code audit is completed.
- We believe the plan to discredit Afreum started some weeks ago with the launch
of the Afreum.co domain and tokens.

- We believe a campaign was started on TG groups simultaneously to smear the

Afreum project. So called blockchain forensics experts all weighed in with the
opinion that Afreum team was responsible and that they could follow the trail from
an Afreum staking account which WAS NOT compromised. Nobody bothered to
contact Binance to check accounts related to the memos in the transactions
moving funds out of Stellar.

- We believe the Binance scam that resulted in the 98% crash today was the
highlight of the plan. The perpetrators could have made much more by selling the
738 million AFR tokens (almost 10% of our total supply and worth $250,000 at time
of transfer) incrementally. Instead they chose to DUMP ALL THE TOKENS ON THE
MARKET CRASHING THE PRICE. The scam was not for profit but to destroy Afreum.

Conclusion
What are we doing about all this?

1. Auditing Afreum.com code to ensure there are no exploits. We dont believe there
are any despite the narrative of the smear campaign.

2. Stellar is decentralized so not much we can do about thw fake Afreum.co and its
tokens except continue to educate users.

3. As for the smear campaign, we believe any interested "forensic expert" is able to
reach out to Binance for information on the account IDs in the memos of the
scamming addresses.

4. With regards to the 738 million AFR stolen from Afreum we probably have no
choice but to buy them back on the open market thereby facilitating a quick price
recovery. We have already.begun to do so using the.same treasury.account that
sent thw tokens to the fake Binance Stellar address.

Afreum remains dedicated to our mission of financial inclusion and our motto of
UNITY. CLARITY. EQUITY. We believe that evil will never prevail and that we will
eventually bounce back from this shameless attack.

Afreum Team