Solana based Jupiter’s According to Core Working Group member Slorg, scammers have begun using a built-in Solana token extension to secretly delete targets’ crypto assets. Posting on X on September 3, Slorg noted that transactions were made within the wallet, but that these transactions were not visible in any way.
New Attack Method on Solana Network
The attack involved trading a user for a token called RED with the Permanent Delegate extension, which allowed the scammers to burn all of the tokens just seven seconds after the transaction. Solana’s The official website describes the Permanent Delegate extension as a function that allows them to burn or transfer tokens without limitations. A Prize Pool Worth 21 Million TL Awaits You from BinanceTR! Participating and winning has never been easier.. You can sign up to BinanceTR from this link. Get your first crypto!
It was designed for convenient use cases, such as retrieving accidentally transferred tokens, using it for revocable access tokens, or for sanctions compliance. But even Solana noted that this is a double-sided feature and can be abused. Speaking on the subject, Slorg, He said there could be several reasons why a scammer would want to burn tokens and shared the following statements:
“The first reason is it causes general chaos. Sometimes scammers just want to see destruction and chaos. If someone can’t sell, the price won’t go down. Most of the time scammers will grab most of the initial supply, and the thing is, they don’t have to make more than $50 in profit to make it worthwhile.”
“I saw one scammer who was pumping out tokens before Pump Fun last November and he was only making $50-$100 each time but he was spreading it out at $50 a day, making thousands of dollars a week.”
Comments from Famous Names Not Too Late
Blockchain security service providers Beosin and Peckshield team shared similar theories in their comments. PeckShield speculates that the scammers are trying to influence the cryptocurrency’s token economy, as this essentially allows for manipulating the circulating supply of the relevant tokens.
Beosin believes that the scammer could use this function to trick users into thinking that the token circulation remains the same by destroying users’ tokens:
“For example, burn someone else’s tokens to increase the token price and profit from a DeFi protocol related to the token.”
Slorg; He noted that Jupiter and RugCheck are among the two organizations that have created indicators for when this extension will be enabled:
“It is very important to do your due diligence on any token no matter what. Always have a routine that you do not deviate from and take the time to read the entire text when trading. Otherwise it could cost you dearly one day.”
Disclaimer: The information contained in this article does not contain investment advice. Investors should be aware that cryptocurrencies carry high volatility and therefore risk, and should carry out their transactions in line with their own research.
