Key Highlights
- A crypto user said his wallet was drained of more than $700 after suspicious BNB Chain activity.
- The stolen funds allegedly moved to Solana and were used to buy over 106 million VICE tokens.
- An on-chain investigator claimed the drainer became the largest VICE holder after using stolen funds to pump the memecoin.
A crypto wallet-drainer attack has taken a sharper memecoin turn after stolen funds were allegedly used to buy a large position in VICE, a Pump.fun token on Solana.
The victim, posting under the handle 0xOlami, said his wallet was drained after he withdrew funds from MEXC. According to his post, more than $700 worth of BNB-linked assets moved out of his wallet before 8.2 SOL appeared and was also transferred away within seconds.
The SOL allegedly landed in the wallet:
46qWcTVCEssE9ScUwProUoK3T3tkPsAD7XB8PhnSHzjy
Instead of simply cashing out, the attacker allegedly used the stolen SOL to buy VICE tokens on Pump.fun. Screenshots shared in the thread show the wallet swapping about 8 SOL, worth roughly $727, for 106,013,446 VICE tokens.
Drained Funds Turned Into a Memecoin Pump
The on-chain thread claimed that the drainer wallet used the stolen SOL to build a massive VICE position immediately after receiving the victim’s funds.
According to the investigator, the wallet bought roughly 12% of the VICE token supply, making it the single-largest holder of the memecoin. A related operator wallet allegedly held another 6%, meaning wallets tied to the attack could have controlled around 18% of the supply.
That changes the nature of the incident. The stolen funds were not only moved through chains or parked in a wallet. They were allegedly used as buying pressure for a low-cap memecoin, creating an artificial pump funded by a victim’s assets.
The VICE token contract shown in the post is:
HcwLsRpU1Qgz34ou8vZg7tk8Vbhikrp6J6Qyf1Ywpump
BNB Chain Drain Linked to EIP-7702 Delegation
The victim’s BNB Chain wallet also showed EIP-7702 authorization activity, according to the screenshots. The wallet address shared by the victim was:
0x8d3AaE7D140704cFaeEfe644C8e9C2698Df6C87e
The screenshots show the wallet had delegated authority to another address before the drain. EIP-7702 allows a normal wallet to temporarily behave more like a smart contract wallet, but malicious delegations can give attackers a dangerous level of control if users sign the wrong transaction.
That appears to be the core security risk in this case. The victim may not have signed a simple token approval. The suspicious transaction allegedly gave delegated control that later allowed funds to move out of the wallet.
Solana Wallet Trail Points to Coordinated Activity
The on-chain analyst also claimed that the drainer wallet was funded by an operator wallet, which itself was funded by an older relay wallet. Another coordinator wallet allegedly distributed SOL for gas fees to multiple wallets.
One wallet flagged in the thread, QvtWcAX3R7Cr51VhAxFSYntoCAmTQzK8Hf4R1TrKNQ4, was described as connected to the operation through on-chain activity and was shown holding over $3,000 in USDC and USDT, along with memecoins.
The analyst claimed this wallet had been funded by an OKX hot wallet around 50 days earlier. That does not prove the operator’s identity publicly, but it could give exchanges and investigators a compliance trail if the funds were tied to a verified account.
A New Pattern for Wallet Drainers
The case highlights a growing pattern in crypto theft. Attackers are no longer just draining wallets and moving funds to mixers, bridges, or exchanges. In this case, the stolen assets were allegedly used to buy a large share of a memecoin supply, turning the attack into both a theft and a market manipulation play.
For retail users, the risk is bigger than one stolen balance. A malicious delegation can silently turn a wallet into an attack surface, while the stolen capital can then be used to pump thinly traded tokens where a few hundred dollars can move supply concentration quickly.
The VICE incident shows how wallet-drainer attacks, Solana memecoin speculation, and hidden authorization risks are now colliding in one playbook.
Also Read: SIREN Sounds the Alarm: Token Crashes 57% in a Single Day
Disclaimer: The information researched and reported by The Crypto Times is for informational purposes only and is not a substitute for professional financial advice. Investing in crypto assets involves significant risk due to market volatility. Always Do Your Own Research (DYOR) and consult with a qualified Financial Advisor before making any investment decisions.
