SlowMist: A Solana phishing attack stole $3 million by tampering with the owner permissions of victims' wallets.

2025/12/03 19:24

PANews reported on December 3rd that SlowMist disclosed on its official WeChat account that it had recently received a request for help from a user who claimed to have been targeted by a phishing attack. The user discovered abnormal authorization records in their Solana wallet, attempted to revoke the authorization but was unable to do so, and provided the affected wallet address. On-chain analysis revealed that the owner privileges of the user's account had been transferred to an address starting with "GKJBEL". The user had already lost assets worth over $3 million USD, and another $2 million USD worth of assets held in DeFi protocols could not be transferred (these $2 million USD worth of assets have since been recovered with the assistance of the relevant DeFi platforms).

The victim attempted to transfer funds from the account to their own address to verify authorization, but all transactions failed. The situation closely resembles the "malicious multi-signature" attacks that frequently occur in the TRON ecosystem. In other words, this was not a traditional "authorization theft": the attacker replaced the core permissions (Owner permissions), leaving the victim unable to transfer funds, revoke authorization, or operate DeFi assets. The funds are "visible," but no longer under the victim's control.
