With a rise in scams involving Solana meme coins, Animoca Brands has issued a public announcement concerning the breach of co-founder Yat Siu’s X account.

The statement clarifies that recent assertions regarding the introduction of the $ANIMOCA token or non-fungible tokens on the Solana blockchain, which were linked to Animoca Brands, resulted from malicious activities by the hacker. Kenta, a streamer known for crypto gaming, initially conducted the investigation.

The gaming software company based in Hong Kong stated that, at this time, there are no official releases of tokens or NFTs associated with Animoca Brands, urging users to refrain from interacting with the compromised account. Animoca Brands has committed to providing more updates once the account is restored.

https://twitter.com/animocabrands/status/1872094029451772161

Founded in 2014 by Yat Siu and David Kim, Animoca Brands Corporation initially concentrated on mobile game development, but pivoted to focus on blockchain gaming and NFTs in 2018, establishing itself as a significant player in the Web3 landscape.

Vulnerabilities on the Solana blockchain

This isn’t the first instance of scams executed via the Solana blockchain. The infrastructure of Solana leaves users vulnerable to certain weaknesses. A recent case presented by the U.S. Department of Justice highlighted this problem, with charges against two California men, Gabriel Hay and Gavin Mayo, for orchestrating NFT rug pulls on Ethereum and Solana that led to over $22 million in losses for buyers. These rug pulls involved promoting fake NFT projects like Vault of Gems and Faceless, and then absconding with investors’ funds. This case represents the largest NFT fraud prosecution by the DOJ. Additionally, Drake, the Canadian artist, also had his account hacked in a scheme to promote a Solana-based meme coin named Anita.

Why is Solana vulnerable to scams?

Although Solana’s design may prioritize efficiency, it introduces multiple risks that make it more prone to scams than other networks. The token account structure utilized by Solana permits attackers to transfer ownership of assets through specific commands, rendering funds nearly impossible to recover.

Furthermore, Solana’s single-step transaction approval—unlike Ethereum’s multi-phase allowance of contract functions—can lead to immediate and irreversible losses once a deceitful transaction is approved. The platform’s ability to bundle multiple sub-transactions into a single approval further exacerbates the risk of unnoticed thefts.

Scammers also exploit Solana’s Durable Nonce feature to delay the execution of illicit activities, avoiding alerts and catching victims off guard. Combined with users’ lack of awareness regarding the risks associated with using Solana, this makes the platform an attractive target for scams.