Solana Telegram Trading Bot Terminates Operations as Users Suffer $523,000 Drain
Solana-based Solareum confirmed the decision to shut operations following the previous week’s exploit that hit hundreds of users.
The developers of Solareum confirmed that the Telegram trading application involved in purchasing and selling the Solana-based tokens suffered an unprecedented exploit. The team announced imminent closure, illustrating that SOL tokens valued at $523,00 were lost during the exploit.
The wallet-drainer affected over 300 Solana users in the previous week. The team noted that several users consider a leading trading bot, BONKbot, to be behind the leak of private keys. The developers of the BONK meme coin dismissed that its Telegram bot suffered a security lapse.
The team indicated that the BONKbot users affected by the exploit exported the private keys for use in other applications.
Solareum Admits Exploit
Solareum indicated in its subsequent tweet that it had admitted to the probable exploit. The team announced a Telegram update on Saturday, regretting the closure announcement to mark the end of the Solareum project.
The team admitted that the project odds are minimal, given the insufficient funds amid the evolving market trends. The team illustrated that the project suffered a security breach to its systems, compelling it to reach the unfortunate and challenging exit decision.
The team illustrates the concerted efforts undertaken in the past months towards securing additional funding. Also, the team aimed to adapt to the market changes and fortify its security measures. However, the security breach made the endeavors futile since the systems’ integrity was compromised during the attack. The team indicated that the compromise left them unable to assure users’ safety due to insufficient funds.
Solareum’s Telegram Channel Flooded with Inquiries
Solareum’s developers assured us they would seek the authorities’ hand to freeze the exploited crypto assets when they send them to the centralized exchanges. Nevertheless, the team was noncommittal in compensating users affected by the exploit.
A review of the events shows that the project’s Telegram channel is flooded with user inquiries demanding answers to the breach. Some threaten to initiate legal action if Solareum fails to reveal plans to compensate.
BONbot had made notable strides to become Solana’s largest Telegram trading bot. The bot had over 270,000 users, with the majority considering it a likely suspect for the exploit.
Application Behind Exploit is Nondeterministic
The BONKbot quickly distanced itself from the exploit links. The team shared data of the apparent victims who lost crypto assets after the wallet-draining exploit.
The team revealed that the exploit arose from a specific application where some users exported private keys. The team did not initially reveal the application, only to disclose it in a Monday update as Solareum.
The BONKbot team revealed that they were engaging the security community to triangulate the exploit. It admitted that the victims were interacting with multiple applications and wallets. The team indicated that an absolute correlation of victims had imported the private keys into the Solareum project.
The overwhelming analysis points to such a possibility before Solareum’s update. The BONKbot team indicated that the analysis is probabilistic unless they access the codebase and logs.
The absence of deterministic ties to the Solareum leaves the BONKbot team to admit uncertainty of whether the exploit arose from the internal drain or an external breach. Such a possibility convinces the team to avoid pointing fingers.