Fraudsters have found a way to burn tokens from Solana wallets

Fraudsters have reportedly come up with a new way to trick Solana users into crypto – this time by burning users' tokens within seconds of their purchase.

According to Slorg, a member of the Solana-based Jupiter Core working group, fraudsters are starting to use a built-in Solana token extension to covertly delete their target's crypto holdings.

“Think about flexibility and a wallet history will prove you've received it. But you look inside and you see nothing,” Slorg said in a Sept. 3 post on X.

“Time passes and there's no sign, so do some digging and reach out to someone who knows what's going on. This was the fact that he was a member of the Jupiter community 4 days ago,” he added.

Abusers of permanent representative

For this user, you have changed to a token called “RED” with the extension “Permanent Representation”. This allowed the fraudsters to burn all tokens seven seconds after the transaction went through.

“Permanent delegation is an extension feature in the Solana Token 2022 standard,” Peckshield explained to Cointelegraph.

Solana's official website describes the permanent delegate extension as a function of “unlimited delegated delegation, which grants exclusive rights to all token accounts for that mint, allowing them to burn or transfer unlimited tokens.

It is intended for legitimate use cases such as issuing misdirected tokens, revoking access tokens, or sanctions compliance. It can also be used for automatic payments and refunds.

However, even Solana said that it is a “double-edged sword” and can be abused.

Why do they burn the symbols of the victims?

Speaking to Cointelegraph, Slorg said that there could be many reasons for a fraudster to burn tokens.

“The reason is that it's creating a whole mess,” Slorg said. “Sometimes pranksters want to see destruction and chaos. Kind of like a mix between humor and ‘fuck u.'

The second reason, Slorg said, is to reduce floating.

“If someone can't sell, the price doesn't go down. Scammers often scam most startup offers and don't need more than $50 in profit to make it worthwhile.

“Last November, I saw a single scammer who started a token before pump.fun and collected only 50-100 dollars each time, but he distributed 50 per day, he made thousands per week,” said Slorg. :

“Maybe it's not the most efficient strategy, but they're definitely out there trying.”

Blockchain security service providers Beosin and PecShield also shared similar theories in comments to Cointelegraph.

PeckShield “essentially assumes that fraudsters are trying to influence the Tokenomics of the cryptocurrency, as it allows for manipulation of the distribution supply of the corresponding tokens.

Meanwhile, Beosin believes that the fraudster used the function to trick users into distributing generated tokens by destroying users' tokens.

“For example, they burn other people's tokens to increase the value of the token and make a profit related to tokens from some DeFi protocols.”

Related: Solana memecoin hits massive $328T market cap – for all the wrong reasons

Slore mentions that Jupiter and Rugged Cheek were among the two bodies that formed the pointers when this extension was lit.

“However, it is critical to exercise due diligence with any token. Have a regular routine, and take the time to read the whole text when you change.”

If not, it could cost you one day – especially as new token capabilities are developed.

Others have reported receiving similar scams recently, Slorg said.

Magazine: How Cryptobots Are Ruining Crypto — Including Auto Memecoin Carpet Pulling