The alleged mastermind behind the Solana memecoin protocol Pump.fun exploit has been arrested in London.
British authorities arrested former contractor Jarett Dunn, known online as @STACCoverflow, in the early hours of May 18, according to Blockworks, citing sources familiar with the operation.
The arrests reportedly came after a meticulous 26-hour intelligence operation by third-party stakeholders who hired a private intelligence firm. The operation utilized social media posts and other publicly available information to trace Dunn’s London whereabouts.
Local agents, or “auxiliaries”, were reportedly called in for a large-scale search that eventually led them to the Middle Eight Hotel in Covent Garden. Dunn was found in his hotel room and taken into custody seven hours later.
Interestingly, the timing of his arrest coincided with his last social media post about X. Here he hinted at his identity under the username @STACCoverflow, a play on the French phrase “j’arrête” (meaning “I am finished”). His real name is Jarrett.
Dunn was arrested and then released on bail based on his posts on X and verification by the intelligence company.
He will reportedly remain in the UK until his court appearance scheduled for August.
The Pump.fun platform, which simplifies token launches on the Solana (SOL) network, was exploited on May 16, resulting in the loss of more than 12,300 SOL, worth approximately $2 million at the time.
The attacker performed the exploit using flash lending from Raydium, Solana’s lending protocol. Flash lending is a decentralized finance (defi) tool that allows users to borrow large amounts of capital.
In this case, the attackers manipulated the Pump.fun bond curve, a mechanism that sets token prices based on supply.
By reaching 100% on this curve, the hacker was able to access and withdraw liquidity for Raydium and then repay the flash loan, making a significant profit.
Following the incident, Pump.fun began cooperating with law enforcement to investigate the violations.
Igor Igamberdiev, head of research at cryptocurrency marketplace maker Wintermute, was one of the first to suggest that an internal private key leak may have facilitated the hack. Afterwards, Dunn acknowledged his role in the attack under the alias @STACCoverflow and posted a series of erratic tweets expressing his desire to “change the course of history” and his mental health issues and grief over his mother’s death. was discussed openly.
And now; Magick: everybody be cool, this is a r o b b e r y. What it do, staccattack? I'm about to change the course of history. n then rot in jail. am I sane? nah. am I well? v much not. do I want for anything? my mom raised from the dead n barring that: /x
— 🔥🪂staccoverflow ; j'arrête ; (@STACCoverflow) May 16, 2024
He also claimed that the stolen funds would be distributed to various Solana token holders.
Dunn’s post said at least seven individuals were eligible to receive these payments, but did not provide specifics about the distribution process or deadline.
His message also suggested that emotional pain was a bigger motivation than financial gain.