NoOnes Solana Bridge Exploit Hot Wallets Drained

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Revision as of 17:01, 4 February 2025 by Azoundria

NoOnes is a comprehensive crypto platform offering services such as P2P trading, crypto swaps, gift card purchases, and a digital wallet, with support for over 500 payment methods. It provides users from 60+ countries with competitive quotes and the ability to trade and convert cryptocurrencies instantly. In early January 2025, NoOnes suffered a significant hack involving $7.9 million stolen from its hot wallets across multiple blockchains. The breach was attributed to a vulnerability in their Solana bridge. The funds were routed through Tornado Cash. Initially, NoOnes did not acknowledge the hack and instead reported maintenance. The CEO, Ray Youssef, later confirmed the breach and pledged to cover the lost funds personally. This incident has highlighted the importance of improved security measures in the crypto industry, including multi-factor authentication and real-time monitoring.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18]

About NoOnes App

NoOnes is a comprehensive platform offering a range of crypto services, including P2P trading, gift card purchases, crypto swaps, and a digital wallet. It supports over 500 payment methods, with a 24-hour marketplace volume of $33,716 and a Bitcoin market price of $101,931.5. Users from 60+ countries can trade and convert cryptocurrencies instantly with competitive quotes. NoOnes also provides a Virtual VISA card for global payments, the ability to recharge phones with crypto, and OTC desk services. Users can download the app for Android and iOS, and enjoy benefits like low fees and access to various products.

To buy Bitcoin on NoOnes, simply sign up for an account, create a verified wallet with 2FA security, and choose from multiple payment methods like bank transfers or online wallets. No fees are charged, so you get more crypto for your money. Find a vendor that matches your preferences, review their requirements, and start the trade. Once payment is made and confirmed, your Bitcoin will be released from escrow into your NoOnes wallet. The platform ensures a safe environment through monitoring and user verification, and customer support is available 24/7 for assistance.

What Happened

"The peer-to-peer cryptocurrency trading platform NoOnes suffered a major security breach earlier this month. CEO Ray Youssef explained that the breach occurred on January 1st due to an exploit involving their Solana bridge."

Key Event Timeline - NoOnes Solana Bridge Exploit Hot Wallets Drained
| Date | Event | Description |
|---|---|---|
| January 1st, 2025 5:13:59 PM MST | First USDT Ethereum Theft | The first withdrawal of USDT on Ethereum. |
| January 1st, 2025 10:31:00 PM MST | Maintenance Wrap-Up | NoOnes posts an update that they are wrapping up their maintenance and the market is back online. All chains except Solana are supported for deposits. Withdrawals appear to be fully enabled on Tron, USDT, BTC, and XMR. |
| January 2nd, 2025 8:19:00 AM MST | USDT BEP-20 Enabled | "USDT BEP-20 has been enabled for withdrawals!" |
| January 24th, 2025 1:24:00 AM MST | ZachXBT Posts Investigation | ZachXBT posts an investigation of the exploit on Telegram. |
| January 24th, 2025 3:56:00 AM MST | Ray Youssef Posting Tweet | The CEO of NoOnes posts an update on Twitter/X about the breach which happened "earlier this month" on January 1st. |
| January 24th, 2025 8:56:00 AM MST | Jameson Lopp Response | Jameson Lopp challenges Ray to "explain how user funds are safe when the on-chain data looks like [the protocol] lost nearly $8M" |
| January 24th, 2025 9:09:08 AM MST | CryptoSlate Article Published | CryptoSlate publishes an article about NoOnes, a peer-to-peer crypto marketplace, which recently acknowledged an $8 million exploit after ZachXBT, an on-chain investigator, raised concerns. The breach, which likely occurred between January 1 and 2, involved suspicious transactions from the platform’s hot wallets across Ethereum, TRON, Solana, and Binance Smart Chain. The stolen funds were funneled to the Tornado Cash mixer. NoOnes initially did not address the breach but later confirmed it after the investigation, attributing it to a vulnerability in the Solana bridge. The platform quickly contained the issue and suspended the bridge for further security testing. |

Technical Details

The hack, which occurred in early January, involved suspicious outflows from Noones' hot wallets on multiple blockchains, including Ethereum, TRON, Solana, and BNB Chain. The stolen funds were routed through Tornado Cash, a crypto mixer.

"Funds were bridged to Ethereum/BSC and then deposited to Tornado Cash.

Theft consolidation addresses:

Ethereum
0x72c1eabafc42a2ac6d0447b02c657b96f07402e6
0x4b0edd27196063476d91b634333be289beca9202
0x6c9b55b50e6a42fd7a14b49ba7747096090b0465

Tron
TLRzLWbrCPVjXEcTDHv4Lavm6CxonUgJST
TSnsmxEPy7rqk9XRsCiYEk5ntchweGFq2A

BSC
0x72c1eabafc42a2ac6d0447b02c657b96f07402e6

Solana
BBJoEgHq1igbH4fXfLtxRBodpFb1qcYQRk4UCpzVKobo"

Total Amount Lost

"The P2P marketplace Noones was likely exploited for ~$7.9M on Ethereum, Tron, Solana, & BSC on January 1-2, 2025 as its hot wallets saw hundreds of suspicious outflows for <$7K per txn."

The total amount lost has been estimated at $7,900,000 USD.

Immediate Reactions

Noones did not initially acknowledge the breach. They instead reported maintenance on their wallets.

"Shortly after the platform made an announcement about maintenance although no official statement was made about any security incident."

"We’re wrapping up our NY maintenance on @noonesapp! Marketplace is back online. Wallet is back with some temporary limitations: Deposits: all chains except SOL. Sendouts: TRON USDT, BTC, XMR. Stay tuned for more updates!"


Ultimate Outcome

NoOnes later confirmed it was due to a Solana bridge vulnerability. This incident underscores the need for improved security measures in the crypto market, such as multi-factor authentication, encryption, and real-time monitoring, to safeguard against future hacks.
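The outflow pattern reported for this case (hundreds of withdrawals, each under $7K) is the kind a per-transaction limit never sees but a rolling-window monitor does. The sketch below is an added example, not code from NoOnes or from the original case study; the wallet labels, thresholds and sample withdrawals are all constructed assumptions.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

PER_TX_LIMIT_USD = 7_000   # per-transaction review threshold (assumed; page cites <$7K per txn)
WINDOW_S = 3_600           # rolling window length in seconds (assumed)
MAX_COUNT = 40             # normal ceiling on outflows per window (assumed)
MAX_TOTAL_USD = 150_000    # normal ceiling on USD leaving per window (assumed)
T0 = 1_700_000_000         # arbitrary start time for the constructed sample

@dataclass(frozen=True)
class Outflow:
    ts: int       # Unix seconds
    wallet: str   # hot wallet label (hypothetical)
    usd: float    # USD value of the withdrawal

def per_tx_hits(outflows):
    """Withdrawals that a per-transaction limit alone would flag."""
    return [o for o in outflows if o.usd >= PER_TX_LIMIT_USD]

def first_breach(outflows):
    """Map wallet -> (ts, count, total_usd, reason) at its first rolling-window breach."""
    window, total, alerts = defaultdict(deque), defaultdict(float), {}
    for o in sorted(outflows, key=lambda x: x.ts):
        win = window[o.wallet]
        win.append(o)
        total[o.wallet] += o.usd
        while win[0].ts <= o.ts - WINDOW_S:      # evict entries older than the window
            total[o.wallet] -= win.popleft().usd
        if o.wallet in alerts:
            continue
        if len(win) > MAX_COUNT:
            alerts[o.wallet] = (o.ts, len(win), total[o.wallet], "count")
        elif total[o.wallet] > MAX_TOTAL_USD:
            alerts[o.wallet] = (o.ts, len(win), total[o.wallet], "total")
    return alerts

def sample():
    """Constructed data: one wallet drained in small steps, one behaving normally."""
    drain = [Outflow(T0 + 30 * i, "hot-eth", 6_500.0) for i in range(200)]
    normal = [Outflow(T0 + 900 * i, "hot-btc", 1_200.0) for i in range(20)]
    return drain + normal

if __name__ == "__main__":
    data = sample()
    print("per-tx hits:", len(per_tx_hits(data)))
    for wallet, alert in first_breach(data).items():
        print(wallet, alert)
```

On the constructed data the per-transaction check flags nothing, while the window check trips on the drained wallet after 24 withdrawals; an alert like this is only useful if it pauses automated sendouts until someone reviews it.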

The NoOnes hack, in which $7.9 million was taken from the platform's hot wallets, reportedly raised alarms for the crypto industry, particularly for startups.

NoOnes CEO Ray Youssef has reportedly decided to cover all funds from the loss himself.

"On Jan 1 there was an exploit of our Solana bridge. Our security teams quickly responded and the situation was immediately contained.

User funds SAFU and personal data SAFU.

We know Solana is hot now but Solana will not come back up until exhaustive pen testing is done. Apologize for the inconvenience."

"Keeping that much in a hot wallet is not smart. One day of liquidity is enough. The rest in cold storage. Should have always been this way but we adapt. I have Always covered any losses myself like with Celsius and even compliance locked funds at my Old company. My record and honor stand tall always bro"

Total Amount Recovered

The total amount recovered has been estimated at $7,900,000 USD.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. Jameson Lopp - "You should probably explain how user funds are safe when the on-chain data looks like you lost nearly $8M." - Twitter/X (Accessed Feb 3, 2025)
  2. Ray Youssef - "On Jan 1 there was an exploit of our Solana bridge. Our security teams quickly responded and the situation was immediately contained." - Twitter/X (Accessed Feb 3, 2025)
  3. @noonesapp Twitter (Accessed Feb 3, 2025)
  4. No Ones Tech - "USDT BEP-20 has been enabled for withdrawals!" - Twitter/X (Accessed Feb 3, 2025)
  5. No Ones Tech - "We’re wrapping up our NY maintenance on @noonesapp!" - Twitter/X (Accessed Feb 3, 2025)
  6. @ibcgroupio Twitter (Accessed Feb 3, 2025)
  7. Noones acknowledges $8 million exploit after ZachXBT raises concerns - CryptoSlate (Accessed Feb 3, 2025)
  8. ZachXBT Investigations Post (Accessed Feb 3, 2025)
  9. https://www.binance.com/en/square/post/01-26-2025-noones-800-19435495360242 (Accessed Feb 3, 2025)
  10. Securing Crypto: How not to lose money to a hacker • Noones Blog (Accessed Feb 3, 2025)
  11. A Wake-Up Call for Crypto Wallets: Noones' Hack Exposed - OneSafe Blog (Accessed Feb 3, 2025)
  12. https://www.binance.com/en/square/post/19371510361953 (Accessed Feb 3, 2025)
  13. Bitcoin P2P Marketplace, NoOnes, Reportedly Suffers $7.9M Hack (Accessed Feb 3, 2025)
  14. @Crypto_TownHall Twitter (Accessed Feb 3, 2025)
  15. Ex-Paxful CEO's Bitcoin marketplace Noones exploited for nearly $8m, ZachXBT says (Accessed Feb 3, 2025)
  16. Transfer $48,965.14 USDT To Thief - Etherscan (Accessed Feb 3, 2025)
  17. Theft Transactions - Etherscan (Accessed Feb 3, 2025)
  18. @ray_noOnes Twitter (Accessed Feb 3, 2025)