Hacker Steals $1M From the Solana-based Cypher Protocol DEX

• Cypher Protocol has frozen its Smart Contract following an exploit.
• A hacker stole approximately 38,530 SOL tokens and $123,184 USDC.
• The linked wallet transferred 30,000 USDC to Binance’s Solana USDC address “kiing.sol”.

Cypher Protocol, a Solana-based decentralized futures exchange, has frozen its Smart Contract following an exploit. In a tweet, the platform confirmed the incident and informed its followers about ongoing investigations into the hack. It also included a message to the hacker with an invitation to negotiate further possibilities.

Data from Solana blockchain explorer, Solscan, shows that the wallet linked to the exploit stole approximately 38,530 SOL tokens and $123,184 USDC. The stolen assets’ total value is estimated at $1,035,203.

In the hours following the exploit, the linked wallet transferred 30,000 USDC to Binance’s Solana USDC address “kiing.sol”. Users suspect that the hacker made the transfer in an attempt to cash out the stolen funds.

Following the incident, some Cypher Protocol followers sent messages to the wallet using NFTs, requesting the hacker to return the stolen funds. One of the NFTs read: “Seriously though, you used Binance and KuCoin to fund and to try to get 30k out. People will find you. Please do the right thing and give the rest back.” Another NFT-based message that was sent to the linked wallet simply read; “give it back you s***lord.”

A Solana supporter identified as PSY on X (formerly Twitter) observed “a positive side” to the exploit. According to PSY, the positive side of this incident is that it was much faster than Ethereum, and the hacker paid hardly any fees.

The timing of this exploit coincides with the Cypher Protocol’s mtnDAO hacker house event. Cypher is hosting the event with another Solana-based protocol, Marginfi. Marginfi notified its followers via its Telegram channel it remains independent of Cypher and had not been impacted by the exploit.