With the rise in Solana meme coin scams, Animoca Brands has issued a public notice regarding the security breach of co-founder Yat Siu’s X account.
The official announcement clarifies that recent assertions about the launch of the $ANIMOCA token or non-fungible tokens on the Solana blockchain, which were falsely attributed to Animoca Brands, were due to malicious actions by the hacker. This discovery was initially reported by Kenta, a crypto game streamer.
The Hong Kong-based gaming software company stated that, currently, there is no official token or NFT launch linked to Animoca Brands and has advised users not to interact with the compromised account. Animoca Brands will provide further updates when the account is restored.
Founded by Yat Siu and David Kim in 2014, Animoca Brands Corporation initially concentrated on mobile game development but pivoted to blockchain gaming and NFTs in 2018, establishing itself as a significant player in the Web3 arena.
Vulnerabilities on the Solana blockchain
This is not the first incident involving scams on the Solana blockchain. Its infrastructure exposes users to particular vulnerabilities. A recent case brought to light by the U.S. Department of Justice involved two California men, Gabriel Hay and Gavin Mayo, who were charged with executing NFT rug pulls on Ethereum and Solana, totaling over $22 million in losses for buyers. These rug pulls included promoting fake NFT projects such as Vault of Gems and Faceless, subsequently absconding with investors’ funds. This case marks the largest NFT fraud prosecuted by the DOJ. Additionally, Drake, the Canadian artist, also had his account hacked to advance a Solana-based meme coin called Anita.
Why is Solana vulnerable to scams?
Although Solana’s architecture is engineered for efficiency, it brings forth various risks that make it more prone to scams when compared to other networks. The token account structure on Solana allows attackers to reassign ownership of assets through specific commands, rendering funds nearly unrecoverable.
Moreover, Solana’s single-step transaction approval process—unlike Ethereum’s multi-phase contract function allowances—can lead to immediate and irreversible losses once a malicious transaction is approved. The platform’s ability to bundle multiple sub-transactions into one approval further increases the risk of undiscovered thefts.
Scammers exploit Solana’s Durable Nonce capability to delay the execution of fraudulent activities, sidestepping alerts and catching victims off guard. Combined with users’ lack of awareness regarding the operational risks associated with Solana, this makes it a prime target for scams.