According to SlowMist monitoring, Four.meme tokens were attacked using vulnerabilities before the token was released to steal liquidity. The attacker purchased a small number of tokens before the token is released through Four.meme's 0x7f79f6df function and used this feature to send the tokens to the PancakeSwap transaction pair address that has not been created yet. This allows the attacker to create a trading pair and add liquidity without transferring tokens that have not been released, bypassing the transfer limit before the Four.meme token is released (MODE_TRANSFER_RESTRICTED). In the end, the attacker added liquidity at an unexpected price and successfully stole the liquidity of the fund pool.