According to SlowMist monitoring, Four.meme tokens were exploited by attackers to steal liquidity before the token was released. The attacker Four.meme 0x7f79f6df function to buy a small number of tokens before they are released and uses this function to send the tokens to the address of a PancakeSwap transaction pair that has not yet been created. This allows attackers to create trading pairs and add liquidity without the need to transfer unreleased tokens, bypassing the transfer restrictions (MODE_TRANSFER_RESTRICTED) before Four.meme tokens are released. Ultimately, the attackers added liquidity at unexpected prices, successfully stealing liquidity from the pool of funds.