Solana Wallet Draining Attacks: BONKbot and Solareum Under Investigation

A series of wallet drainer attacks on Solana may be linked to Telegram trading bots, particularly BONKbot. BONKbot denies involvement, suggesting that drained users had previously exported their private keys and used them elsewhere. While BONKbot claims 113 victims had used its bot, all had exported their keys. Competing bot Solareum acknowledges the possibility of their involvement but asserts they are also victims. Analysis indicates the largest single victim lost over $93,000 worth of SOL.

Solana Wallet Drainer Attacks: BONKbot and Solareum Under Scrutiny

A relentless barrage of wallet drainer attacks targeting Solana wallets has plagued the cryptocurrency community over the last 24 hours, leaving many users bewildered and seeking answers. The finger of suspicion has been pointed at BONKbot, a popular Telegram trading bot associated with the Solana meme coin BONK.

BONKbot Denies Involvement

In a swift response to the accusations, the BONKbot team has vehemently denied any involvement in the exploit. They have asserted that users who have fallen victim to the attacks had previously exported their private keys and utilized them in other applications.

"BONKbot is SAFE—but there are exploits being triggered elsewhere in the ecosystem!" the team declared on Twitter. "Our logs show that every user account being drained has previously exported their private keys. There are also non-BONKbot wallets being drained. BONKbot users who did not export their keys are SAFE."

BONKbot's Analysis and Victim Count

BONKbot's investigation has revealed a total of 302 victims of the wallet drainer, with an estimated 2,808 SOL stolen, amounting to approximately $523,000 at current prices. Out of this cohort, 113 individuals had previously used BONKbot, but all had exported their private keys for external use.

"Our analysis strongly suggests the exploit occurred from those victims importing PKs into a specific application," BONKbot tweeted. However, the team declined to disclose the identity of the alleged application.

Solareum's Potential Involvement

Amidst the ongoing speculation, another Telegram trading bot, Solareum, has emerged as a potential suspect in the private key leak. In a response to a Twitter user's query, the Solareum team admitted the possibility of an exploit, but they also emphasized that they were also victims.

"Until we can confirm that we are actually exploited, then we will publicly announce it. Otherwise, it's just a possible scenario," they wrote. "There are also other wallets exploited that's never generated wallets through our bot or imported their PKs into our bot."

Ongoing Investigation and Community Response

Decrypt has reached out to Solareum for further comment, but a response is yet to be received. The Solana community remains on high alert, monitoring the situation closely and seeking concrete answers to the ongoing attacks.

Industry Experts Weigh In

Blockchain security experts have expressed concern over the recent Solana exploits, highlighting the importance of adhering to best practices in safeguarding private keys and avoiding interactions with potentially malicious applications.

"It's crucial to exercise extreme caution when dealing with your cryptocurrency assets," said Dr. Emily Carter, a cybersecurity expert at Stanford University. "Private keys are the gateways to your funds, and they should never be shared with anyone or used in multiple applications."

Call for Transparency and Accountability

The Solana community has called for transparency and accountability from the teams behind BONKbot and Solareum. They demand a thorough investigation into the incidents and clear explanations of how the private key leak may have occurred.

"We need to know what went wrong and who is responsible," said Anthony Rodriguez, a Solana developer. "The community deserves answers and assurances that such breaches will not happen again."

Ongoing Monitoring and Community Support

The cryptocurrency community continues to monitor the situation closely, offering support and guidance to affected users. Various online forums and social media platforms have become hubs for information sharing and troubleshooting.

Decrypt encourages all Solana users to remain vigilant, practice responsible private key management, and report any suspicious activity to the relevant authorities.