According to Blockworks, the attacker suspected of hacking into the Solana ecosystem meme coin platform pump.fun has been arrested in London. A source familiar with the matter stated that the UK police arrested Jarett Dunn, a former contract employee of the protocol, with the online alias staccoverflow, in the early hours of last Saturday (18th).
The source informed Blockworks that a third-party stakeholder signed a contract with a private intelligence company to determine Dunn’s location. The source also confirmed the authenticity of a screenshot circulating online, which is associated with Dunn’s alias and a Binance account.
The source pointed out that this 26-hour intelligence operation utilized Instagram posts and other “open-source intelligence” to identify Dunn’s approximate location in London. Subsequently, the company signed a contract with local agents to initiate a “large-scale search operation.” After a comprehensive search, Dunn was eventually found inside a hotel in London and was arrested 7 hours later.
According to a tweet posted by another possible account of Jarett Dunn, @JarettDunn, he was later released on bail, which has been confirmed by sources from the intelligence company. It is reported that Dunn is expected to remain in the UK, awaiting further court summons in August.
According to a previous report by Zombit, the Pump.fun team stated in their investigation report that there were no vulnerabilities in the Pump.fun contract, and the reason for the hack was the illegal misappropriation of approximately 12,300 SOL tokens (about $1.9 million) by a former employee. According to Igor Lamberdiev, the Head of Research at Wintermute, besides exploiting flash loans, the main cause of the attack seems to be the leakage of Pump.fun’s private key. In addition, the hacker seems to have used the stolen SOL tokens for random airdrops to holders’ addresses of Slerf, Stacc, Saga, and risklol, among others.
