
In light of the rising scams involving Solana meme coins, Animoca Brands has issued a public alert regarding the breach of co-founder Yat Siu’s X account.
The official announcement clarifies that recent assertions related to the launch of the $ANIMOCA token or non-fungible tokens on the Solana blockchain, which were linked to Animoca Brands, stemmed from malicious actions by the hacker. The investigation was initially conducted by Kenta, a crypto game streamer.
The Hong Kong-based game development firm emphasized that currently, there is no official token or NFT launch associated with Animoca Brands and advised users to refrain from interacting with the compromised account. Animoca Brands has committed to providing further updates once the account has been restored.
https://twitter.com/animocabrands/status/1872094029451772161
Founded in 2014 by Yat Siu and David Kim, Animoca Brands Corporation initially focused on mobile game development. However, in 2018, the company pivoted to blockchain gaming and NFTs, becoming a significant player in the Web3 landscape.
Vulnerabilities on the Solana blockchain
This is not the first instance where the Solana blockchain has been exploited for scams. The infrastructure of Solana exposes users to certain vulnerabilities. A recent case brought by the U.S. Department of Justice highlighted this concern, with charges against two California men, Gabriel Hay and Gavin Mayo, for orchestrating NFT rug pulls on Ethereum and Solana that cost buyers over $22 million. These scams involved promoting fake NFT projects like Vault of Gems and Faceless, ultimately fleeing with investors’ funds. This case represents the largest NFT fraud prosecuted by the DOJ. Additionally, Drake, the Canadian musician, also had his account compromised to promote a Solana-based meme coin, Anita.
Why is Solana vulnerable to scams?
While Solana’s design may prioritize efficiency, it also presents numerous risks that make it more vulnerable to scams compared to other networks. The token account structure utilized by Solana allows attackers to reassign asset ownership with specific commands, rendering funds nearly impossible to reclaim.
Moreover, Solana’s single-step transaction approval—contrary to Ethereum’s multi-phase contract function permissions—can lead to immediate and irreversible losses once a malicious transaction is approved. The platform’s ability to consolidate multiple sub-transactions into a single approval further heightens the risk of unnoticed thefts.
Scammers also exploit Solana’s Durable Nonce feature, which allows them to delay the execution of fraudulent activities, thereby evading alarms and catching victims off guard. Combined with users’ lack of awareness regarding the operational risks associated with Solana, it becomes an attractive target for scams.