The trading Telegram bot BONKbot on the Solana network was allegedly subjected to a hacker attack, as a result of which users lost about $208,000.
CertiK analysts drew attention to multiple reports of losses and allowed a possible leak of private keys.
The exact cause of the exploit remains unknown. BONKbot representatives and other users point to various culprits.
According to the Telegram bot developers, the problem occurred because users exported their private keys, which they then compromised in another application.
"BONKbot is still secure, and exporting the private key itself doesn't put you at risk. A vulnerability was detected in another Solana application. More than half of the approximately 300 victims were non-BONKbot wallets, " the post reads.
At the same time, traders who did not export keys also reported losses.
"My BONKbot wallet is empty. Contrary to the developers ' claims, my wallet was not linked to any other app (except sol-incinerator). The private key was only exported to Phantom, " marc611 stated.
BONKbot placed the blame on a "specific application", and some pointed to Solareum-another Telegram bot based on Solana.
Representatives of the latter deny any vulnerabilities and claim that the exploit may have a larger scale and affect other bots and decentralized applications.
They suggested that hackers could steal access tokens to the Telegram bot, gaining control of the message history containing private keys. The damage was estimated at about $310,000.
A few days after the incident, Solareum announced its closure. The developers cited "insufficient funds, emerging market trends, and a recent security breach."
The bot team has already contacted law enforcement authorities in an attempt to freeze the stolen funds if they end up on centralized exchanges.
The situation has caused confusion in the community, as the nature of the vulnerability is not fully clear. The number of affected users also remains unknown: BONKbot claims that only 0.1% of their traders were affected, while some users made much larger values.
Bans in the BONKbot chat for expressing concerns further reduced the credibility of such statements.
"Hey BONKbot, is this what you do in real-world situations when your customers lose hundreds of thousands? Your admin team is literally kicking everyone who speaks out. And you tell us that everything is safe, and offer to continue using [the bot]? You * * * s scammers, I will close you myself," wrote a disgruntled trader.
CertiK analysts drew attention to multiple reports of losses and allowed a possible leak of private keys.
The exact cause of the exploit remains unknown. BONKbot representatives and other users point to various culprits.
According to the Telegram bot developers, the problem occurred because users exported their private keys, which they then compromised in another application.
"BONKbot is still secure, and exporting the private key itself doesn't put you at risk. A vulnerability was detected in another Solana application. More than half of the approximately 300 victims were non-BONKbot wallets, " the post reads.
At the same time, traders who did not export keys also reported losses.
"My BONKbot wallet is empty. Contrary to the developers ' claims, my wallet was not linked to any other app (except sol-incinerator). The private key was only exported to Phantom, " marc611 stated.
BONKbot placed the blame on a "specific application", and some pointed to Solareum-another Telegram bot based on Solana.
Representatives of the latter deny any vulnerabilities and claim that the exploit may have a larger scale and affect other bots and decentralized applications.
They suggested that hackers could steal access tokens to the Telegram bot, gaining control of the message history containing private keys. The damage was estimated at about $310,000.
A few days after the incident, Solareum announced its closure. The developers cited "insufficient funds, emerging market trends, and a recent security breach."
The bot team has already contacted law enforcement authorities in an attempt to freeze the stolen funds if they end up on centralized exchanges.
The situation has caused confusion in the community, as the nature of the vulnerability is not fully clear. The number of affected users also remains unknown: BONKbot claims that only 0.1% of their traders were affected, while some users made much larger values.
Bans in the BONKbot chat for expressing concerns further reduced the credibility of such statements.
"Hey BONKbot, is this what you do in real-world situations when your customers lose hundreds of thousands? Your admin team is literally kicking everyone who speaks out. And you tell us that everything is safe, and offer to continue using [the bot]? You * * * s scammers, I will close you myself," wrote a disgruntled trader.
