Solareum, a once-promising Telegram trading app designed for buying and selling Solana-based tokens, has announced its closure following an unfortunate series of events. The app found itself entangled in a security breach that resulted in the draining of approximately $523,000 worth of SOL from user wallets. This incident has shaken the confidence of more than 300 Solana users who were impacted by the exploit, prompting an investigation into the root cause and potential ramifications.
The exploit, which transpired late last week, initially led some users to point fingers at the popular Telegram trading bot BONKbot, speculating that it might have been responsible for leaking users’ private keys. However, the team behind BONKbot swiftly refuted these allegations, asserting that any users affected by the exploit had already exported their private keys for use in other applications.
Solareum’s response to the situation was mixed, with a tweet acknowledging the possibility of exploitation and later, a solemn announcement of the project’s closure on Telegram. The team cited a combination of factors, including insufficient funds, evolving market dynamics, and the recent security breach, as reasons for their decision to cease operations.
In their statement, Solareum’s team expressed regret over their inability to secure additional funding, adapt to market shifts, and bolster security measures adequately. The recent breach compromised the integrity of their systems, leaving them unable to guarantee the safety of their users due to financial constraints.
Despite vows to reach out to authorities to freeze any stolen crypto assets sent to centralized exchanges, Solareum remained silent on plans for compensating affected users. This silence has fueled frustration among users, many of whom have taken to the project’s Telegram channel demanding answers and threatening legal action if restitution is not addressed.
Meanwhile, BONKbot, a major player in the Solana Telegram trading space with over 270,000 claimed users, initially faced suspicion from the community. However, the BONKbot team swiftly clarified that the exploit was not linked to their bot directly but rather to users importing private keys into a specific application, which they later confirmed to be Solareum.
In a statement to Decrypt, the BONKbot team detailed their collaboration with the security community to identify the root cause of the exploit. While their analysis pointed towards Solareum before the official announcement, they emphasized the need for caution, highlighting the complexity of determining whether the breach was external or internal.
The closure of Solareum underscores the challenges faced by startups in the crypto space, where security breaches and financial instability can have far-reaching consequences. As the investigation into the exploit continues, affected users and industry observers are keenly watching for developments that could shed light on the vulnerabilities within decentralized trading platforms and the broader crypto ecosystem.