Security

Coinbase Hacker Converts $22.9M Into Solana After Major Breach

Helga Ivv

03 Oct 2025 • Updated: 03 Oct 2025 — 2 min read

The hacker behind the massive Coinbase cyberattack earlier this year has moved millions in stolen funds into Solana, according to on-chain data. Analysts say this marks the second significant Solana purchase tied to the attacker, who is believed to have siphoned off as much as $400 million from the exchange in May 2025.

Hacker Buys Over 100,000 SOL

Blockchain sleuth Ember CN reported that the hacker swapped roughly 22.95 million DAI for USDC before bridging the funds to the Solana network. The attacker then purchased 100,913 SOL at an average price of $227 per token, spending nearly the entire balance.

By October 3, 09:24 UTC, the wallet linked to the hacker held just $0.47 worth of Solana, signaling the funds had been quickly moved. This is the largest Solana buy to date by the attacker.

It follows a similar move last month, when the hacker converted stolen stablecoins into 38,126 SOL.

At press time, Solana was trading at $231, up 3% in the past 24 hours and 10.8% higher over the past month. Still, the token remains about 21% below its all-time high of $293.

Tracing the Hacker’s Moves

Since the May breach, the attacker has carried out at least five notable on-chain transactions. Activity includes:

Swapping $42.5M in Bitcoin for Ethereum via THORChain.
Selling 26,347 ETH for 68.18M DAI at an average price of $2,588.
Repurchasing 5,513 ETH for 14.86M DAI at $2,696 in July.
Recent large-scale Solana purchases using converted DAI and USDC.

The pattern suggests the hacker is shifting between stablecoins and major crypto assets, possibly as a way to obfuscate funds and test liquidity across different chains.

Inside the Coinbase Cyberattack

The breach, reported in May 2025, was one of the largest in Coinbase’s history, impacting nearly 70,000 users. Investigations revealed that hackers used social engineering tactics, including bribing overseas customer-support contractors, to gain access to sensitive records between December 2024 and May 2025.

Compromised data included full names, addresses, phone numbers, dates of birth, partial bank account details, and even government-issued ID scans. The incident caused widespread concern over centralized exchange security and insider threats in the crypto industry.

What Is Uniswap V4? Features, Hooks, and Key Changes

A Quick Look at Uniswap’s Evolution Uniswap has become one of the core building blocks of decentralized finance (DeFi). Launched in 2018 by Hayden Adams, the protocol introduced a simple idea: let users trade tokens directly from liquidity pools instead of relying on traditional order books. Over time, each

Ethereum Foundation Sells $47M ETH To Bitmine In Week

The Ethereum Foundation sold $47 million worth of Ether (ETH) to Bitmine Immersion Technologies over two transactions in one week. The activity highlights continued reliance on treasury sales to fund operations despite efforts to diversify revenue streams. The latest sale involved 10,000 ETH valued at approximately $23 million, following

OpenAI Ends Microsoft Exclusivity Expands To AWS

OpenAI has ended its exclusive cloud arrangement with Microsoft, allowing its models to run on Amazon Web Services and potentially Google Cloud. The shift opens access to a broader enterprise base and removes a key distribution constraint that had tied deployment to Azure. The revised agreement converts Microsoft’s license

CoinShares AUM Hits $7.4B After Nasdaq Listing Filing

CoinShares reported $7.4 billion in assets under management (AUM) in its first annual filing since listing on Nasdaq, marking a key milestone in its expansion into U.S. capital markets. The disclosure highlights growing institutional demand for regulated crypto investment products. The firm generated $165.7 million in total