It is quite obvious that it's a scam. They initially left a loophole for themselves, withdraw money and disappear. It means, they expected to withdraw funds in advance to avoid paying money to that hacker.
Get out of here with your newbie 1 post account. Stop creating new accounts and spreading FUD.
This function is clearly described in the whitepaper, and it aint no loophole.
I'll explain it in a simple way for your simple mind:
1. ETH address sends ETH to smart contract
2. Smart contract creates & sends SMART tokens to ETH sender address
3. SMART tokens can be 'traded in' and the ETH is returned to original address.
This function is available to anyone who sends money into the smart contract. By sending 1500 ETH to the contract the dev's are permitted to withdraw 1500 ETH and no more.
This is not the whole story. They CAN withdraw the jackpot if they hold more than 50% of all investments.
Its this two lines of code:
if(investBalance >= investBalanceGot / 2){ // additional jackpot protection
require((_amount <= this.balance / 400) && coldStoreLast + 60 * 60 * 24 * 7 <= block.timestamp);
}
investBalanceGot is the total investments they got in the lifetime of the contract.
investBalance is the actual balance. Its decremented if a investor withdraws his investment.
If they own more than 50% of the amount that was invested ever, they can first withdraw their own investment and after that they are able to withdraw the jackpot (the jackpot, not other investments or users balances) and run away.
Waiting for answer to that.. It doesn't look good..