USER-REPORTED SCAM WARNING · UTC OSINT INDEX

Soldrift / devbeast5775
Security Warning and OSINT Index

A dense public security-warning report about Soldrift, Telegram @devbeast5775, related GitHub traces, Solana HFT/sniper/arbitrage tooling, wallet/private-key exposure, phishing-tool risk, KuCoin-linked Solscan wallet leads, and public evidence preservation.

Critical warning Evidence index Immediate actions

NOTICE / CORE INDEX

This report records a user-reported scam, drain, phishing-tool, and malicious backdoor-system warning tracked since May 2026. It preserves submitted screenshots, public GitHub traces, public blockchain leads, and Solana ecosystem risk indicators in UTC.

Report purposePublic security warning for users who may access, buy, run, or deploy high-risk Solana trading tools.

Primary identifiersSoldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

Threat focusWallet drainers, phishing-style tools, private-key exposure, malicious backdoors, and HFT/sniper/arbitrage bot risk.

Evidence basisSubmitted profile images, Solscan screenshot, public GitHub traces, public repository/tool categories, and wallet lead.

Core index: Telegram handle, GitHub alias cluster, Solscan wallet lead, KuCoin-linked transfer rows, Solana HFT/sniper/arbitrage tooling, private-key exposure, and emergency mitigation steps.

May 2026 trackingUTC recordSolana ecosystem warningDrain / phishing-tool riskPrivate-key safetyOSINT evidence index

overview

Executive warning

Treat Soldrift, Telegram @devbeast5775, and related aliases as a severe security-risk cluster unless independently cleared by forensic audit.
Any connected tool requesting PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API access, server administrator access, encrypted bot execution, or wallet export capability should be considered unsafe.
The risk is elevated because the public tool categories involve high-speed Solana trading, HFT, sniping, arbitrage, MEV, volume automation, copy trading, wallet tracking, and exchange-linked automation.
All timestamps in this report should be recorded in UTC. Local time assumptions should be avoided unless independently verified.

identity

Identity and alias index

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

Submitted exhibits

Exhibit A and Exhibit B are submitted profile/avatar records for identity-context documentation.
Exhibit C is a submitted Solscan screenshot showing account EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg, a high SOL balance at capture time, and recent transfer rows involving KuCoin 2.
The submitted wallet screenshot is a tracing lead, not standalone proof of wallet ownership, KuCoin API use, HFT operation, bot profit, or criminal intent.
Every exhibit should be archived with a UTC timestamp, source URL, screenshot hash if available, and a redaction note for private keys, API keys, personal data, and unrelated information.

Submitted Solscan wallet activity exhibit

github

GitHub and tool-cluster index

Public GitHub traces associated with Soldrift show a broad Solana/Web3 bot portfolio pattern including Pump.fun, PumpSwap, Raydium, Meteora, Orca, Jupiter, sniper, bundler, volume, arbitrage, MEV, copy-trading, wallet-tracking, and exchange-linked tooling.
whistledev411, @whistle, and @soldrift should be monitored as possible alias, migration, clone-path, contact-label, or rebranding traces because related repository themes and contact patterns may overlap.
Repository deletion, private conversion, 404 status, renaming, locking, clone-path movement, or account migration should be treated as unresolved risk rather than evidence that the issue is resolved.
A GitHub account with many repositories and high follower count can create credibility, but it does not prove that private-key software is safe. Wallet-related code must be independently audited.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Solscan wallet and KuCoin-linked lead

The Solscan account lead is EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg.
The complainant alleges that visible KuCoin-linked transfer patterns may indicate KuCoin API-based high-performance arbitrage or HFT activity generating significant profit.
This report records that allegation as an investigative lead only. The screenshot does not independently prove who controls the wallet, whether KuCoin API was used, whether the activity is HFT, or whether any profit came from a bot.
Recommended lawful OSINT steps: preserve transaction hashes, compare UTC timestamps, map exchange deposit/withdrawal patterns, archive counterparties, and avoid doxxing, account intrusion, or unauthorized access.

on-chain tx evidence

Confirmed on-chain wallet-cluster evidence

Newly submitted Solscan transaction evidence links the reported victim-fund receiving wallet, an intermediate routing wallet, and a high-balance arbitrage/API-style wallet into the same operational fund-flow cluster.

Victim-fund receiving walletE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgiUser-reported wallet where the stolen funds entered.

Intermediate / routing walletGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4LWallet used in the observed transfer route after the victim-fund wallet.

High-balance arbitrage / API-style walletEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgWallet reported to have held over USD 30,000 at observation time and then shown automated/arbitrage-style activity.

Observed fund-flow route

Reported flow: victim funds entered the first wallet, were routed through the intermediate wallet, and are connected through the listed TXIDs to activity involving the high-balance arbitrage/API-style wallet.

Transaction evidence

Item	Solscan transaction / account link	Relevance
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	Submitted TXID for the reported fund-flow route connecting the victim-fund cluster to the arbitrage/API-style wallet activity.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	Submitted TXID for the reported fund-flow route connecting the victim-fund cluster to the arbitrage/API-style wallet activity.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	Submitted TXID for the reported fund-flow route connecting the victim-fund cluster to the arbitrage/API-style wallet activity.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	Account page for the high-balance wallet connected to the submitted TX evidence.

Compliance significance

This evidence should be reviewed as a direct on-chain operational link, not as a standalone court finding. It strongly supports treating the victim-fund wallet, the intermediate wallet, and the arbitrage/API-style wallet as a connected wallet cluster for exchange compliance, law-enforcement preservation, and scam-report review.

Review whether these wallets connect to the same KuCoin account, API credentials, KYC profile, IP/device logs, deposit records, withdrawal records, linked accounts, or trading infrastructure.
Preserve the exact TXIDs, Solscan links, timestamps, sender/receiver rows, amounts, screenshots, and any signer/fee-payer/actor fields visible in the transaction details.

pre-incident statement

Pre-incident HFT arbitrage bot claim and tool-upgrade statement

A newly added user-reported timeline item records that, only hours before the incident, the reported individual allegedly claimed that he could earn approximately $2,000 per day through an HFT/arbitrage bot, stated that he wanted to see the victim's launch succeed, and said that he had heavily upgraded the tool for that purpose.

Telegram chat screenshot showing Soldrift HFT arbitrage bot claim and 1-2k USD per day profit claim — Exhibit: Telegram HFT bot statement screenshot. The chat records the claimed Solana HFT/algo trading bot, a claimed 1–2k USD per day profit range on Pump.fun, and the statement that it uses its own strategy.

This screenshot turns the HFT/arbitrage claim from a timeline allegation into a visible chat exhibit that should be preserved with UTC timestamp, source context, and the original Telegram export if available.

Claimed trading capabilityHFT / arbitrage bot income claimReported statement: approximately $2,000 per day from high-frequency arbitrage-style bot activity.

Tool-upgrade timingHours before the incidentThe reported upgrade statement immediately preceded the later fund-loss event and on-chain tracing findings.

Connected wallet contextEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgHigh-balance arbitrage/API-style wallet later linked by the wallet-cluster TX evidence.

Why this statement matters

The statement is relevant because it links claimed technical capability, claimed HFT/arbitrage infrastructure, a last-minute tool upgrade, and the later on-chain fund-flow route.
Shortly after the claimed upgrade, the incident occurred, and the submitted TX evidence connected the victim-fund route to the high-balance arbitrage/API-style wallet.
The timing raises serious concern that the tool upgrade may have included hidden malicious logic, unauthorized access capability, wallet/key-handling abuse, or a backdoor-like mechanism.
This section records the statement as an investigative lead requiring forensic review of the delivered source code, VPS/server logs, deployment history, environment variables, wallet/key-handling logic, and outbound network calls.

This report does not rely on the statement alone as proof of code-level compromise. The significance comes from the combined timeline: pre-incident HFT/arbitrage claim, tool-upgrade statement, trusted developer/server access, post-incident non-response, and the later Solscan wallet-cluster evidence.

threat

Threat model and suspected monetization path

Suspected monetization path: credibility building through public GitHub repositories, followed by private Telegram sales of high-demand Solana trading tools.
Potential exposure path: user runs a tool that requests PRIVATE_KEY, RPC keys, GRPC_TOKEN, exchange API access, or server administrator access.
Potential persistence path: tool installs background services, PM2 processes, crontabs, systemd units, hidden startup scripts, webhooks, remote logging, or encrypted packages.
Potential rebranding path: after exposure, the operator may rotate Telegram handles, GitHub usernames, repository names, clone URLs, profile images, or README language.
Potential profit path alleged by the complainant: exchange-linked HFT/arbitrage execution, KuCoin-linked transfer flow, Solana bot automation, and high-frequency wallet activity. This requires independent verification.

redflags

Technical red flags

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

Asia-Pacific caution notice

Activity windows and broken-English usage may be OSINT notes, but they do not prove Korean, Asian, or any specific nationality.
Because the reported contact pattern, Telegram sales, GitHub activity, and Solana bot offers may overlap Asia-Pacific users and time zones, Asian crypto communities should treat this identity cluster as high risk.
Users in Korea, Japan, China, Southeast Asia, and the broader Asia-Pacific region should be especially cautious with Telegram-based HFT, sniper, arbitrage, private-key, and wallet automation offers connected to this cluster.
This warning is directed at risk prevention, not ethnicity, nationality, or regional profiling.

tracking

Reverse-tracking search index

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

Immediate security actions

Do not run any related bot on a funded machine.
Do not paste a valuable private key into any .env file, website, Telegram bot, dashboard, compiled binary, encrypted package, or VPS.
Use only a disposable sandbox machine and an empty test wallet.
Rotate all exposed API keys, RPC keys, gRPC tokens, GitHub tokens, server passwords, and wallet keys.
Remove unknown SSH keys, PM2 processes, crontabs, systemd services, hidden startup scripts, and unexpected background services.
Search the codebase for outbound requests, webhooks, base64 blobs, dynamic execution, wallet export logic, private-key storage, and remote logging.
Archive public evidence with UTC timestamps and report suspicious repositories through proper platform channels.

preservation

Evidence preservation protocol

Preserve public repository URL, owner name, README text, repository description, topics, commit timestamps, release files, package names, screenshots, demo links, and fork relationships.
Preserve Telegram handle, displayed contact addresses, public payment wallets, transaction hashes, Solscan pages, exchange labels, and UTC screenshot timestamps.
Do not publish private keys, seed phrases, API keys, unrelated private messages, private addresses, phone numbers, or unsupported personal information.
Use correction-friendly wording. Separate user-confirmed experience from court-confirmed legal conclusions.
Record each update with UTC date, source URL, short description, and whether the evidence is screenshot-based, repository-based, blockchain-based, or user-submitted.

sources

Public verification links

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

사용자 신고 스캠 경고 · UTC OSINT 색인

Soldrift / devbeast5775
보안 경고 및 OSINT 색인

Soldrift, Telegram @devbeast5775, 관련 GitHub 흔적, Solana HFT/sniper/arbitrage 도구, 지갑/프라이빗키 노출, 피싱형 도구 위험, KuCoin 연계 Solscan 지갑 단서, 공개 증거 보존을 다루는 고밀도 공개 보안 경고 보고서입니다.

핵심 경고 증거 색인 즉시 조치

고지 / 핵심 색인

이 보고서는 2026년 5월부터 추적된 사용자 신고 기반 스캠, 드레인, 피싱툴, 악성 백도어 시스템 경고 기록입니다. 제출된 스크린샷, 공개 GitHub 흔적, 공개 블록체인 단서, Solana 생태계 위험 지표를 UTC 기준으로 보존합니다.

보고서 목적고위험 Solana 거래 도구에 접근·구매·실행·배포하려는 사용자에게 공개 보안 경고를 제공하는 것입니다.

핵심 식별자Soldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

위협 초점지갑 드레인, 피싱형 도구, 프라이빗키 노출, 악성 백도어, HFT/sniper/arbitrage 봇 위험입니다.

증거 기준제출된 프로필 이미지, Solscan 스크린샷, 공개 GitHub 흔적, 공개 저장소/도구 범주, 지갑 단서입니다.

핵심 색인: Telegram 핸들, GitHub 별칭 클러스터, Solscan 지갑 단서, KuCoin 연계 전송 행, Solana HFT/sniper/arbitrage 도구, 프라이빗키 노출, 긴급 완화 조치.

2026년 5월 추적UTC 기록Solana 생태계 경고드레인/피싱툴 위험프라이빗키 안전OSINT 증거 색인

overview

핵심 경고

Soldrift, Telegram @devbeast5775, 관련 별칭은 독립 포렌식 감사로 해소되기 전까지 심각한 보안 위험 클러스터로 취급해야 합니다.
PRIVATE_KEY, 시드 구문, 자금 지갑, RPC 인증정보, GRPC_TOKEN, 거래소 API 접근, 서버 관리자 권한, 암호화된 봇 실행, 지갑 내보내기 기능을 요구하는 모든 관련 도구는 안전하지 않은 것으로 보아야 합니다.
위험도가 높은 이유는 공개 도구 범주가 고속 Solana 거래, HFT, sniping, arbitrage, MEV, volume 자동화, copy trading, wallet tracking, 거래소 연계 자동화를 포함하기 때문입니다.
이 보고서의 모든 시간 기록은 UTC로 남겨야 합니다. 독립 검증 전까지 현지 시간 추정은 피해야 합니다.

identity

식별자 및 별칭 색인

주요 온라인 식별자Soldrift공개 GitHub 및 보고서 문맥에서 사용되는 핵심 이름입니다.

핵심 연락 식별자Telegram @devbeast5775검색, OSINT 매칭, 사용자 경고를 위해 강조되는 주요 핸들입니다.

Telegram URLt.me/devbeast5775아카이브 캡처가 필요한 공개 연락 흔적입니다.

관련 공개 흔적whistledev411 / @whistle / @soldrift가능한 별칭, 이전, clone 경로, 리브랜딩 클러스터로 모니터링해야 합니다.

지갑 단서EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg신고자가 제출한 Solscan 계정 단서입니다.

관찰된 거래소 연계 라벨KuCoin 2제출된 Solscan 스크린샷에서 거래 상대 라벨로 보입니다.

시간 기준UTC only사건, 커밋, 거래, 스크린샷, 아카이브 시간은 모두 UTC로 기록합니다.

evidence

제출 증거

증거 A와 증거 B는 식별자 문맥 기록을 위해 제출된 프로필/아바타 자료입니다.
증거 C는 EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg 계정, 캡처 당시 높은 SOL 잔고, KuCoin 2 관련 최근 전송 행을 보여주는 Solscan 스크린샷입니다.
제출된 지갑 스크린샷은 추적 단서이며, 그 자체만으로 지갑 소유권, KuCoin API 사용, HFT 운용, 봇 수익, 범죄 의도를 입증하지 않습니다.
모든 증거는 UTC 타임스탬프, 출처 URL, 가능하다면 스크린샷 해시, 프라이빗키/API 키/개인정보/무관 정보에 대한 마스킹 기록과 함께 보존해야 합니다.

github

GitHub 및 도구 클러스터 색인

Soldrift와 관련된 공개 GitHub 흔적은 Pump.fun, PumpSwap, Raydium, Meteora, Orca, Jupiter, sniper, bundler, volume, arbitrage, MEV, copy-trading, wallet-tracking, 거래소 연계 도구를 포함하는 광범위한 Solana/Web3 봇 포트폴리오 패턴을 보여줍니다.
whistledev411, @whistle, @soldrift는 관련 저장소 주제와 연락 패턴이 겹칠 수 있으므로 가능한 별칭, 이전, clone 경로, 연락처 표기, 리브랜딩 흔적으로 모니터링해야 합니다.
저장소 삭제, 비공개 전환, 404 상태, 이름 변경, 잠금, clone 경로 이동, 계정 이전은 문제가 해결되었다는 증거가 아니라 미해결 위험 신호로 취급해야 합니다.
다수의 저장소와 높은 팔로워 수를 가진 GitHub 계정은 신뢰감을 줄 수 있지만, 프라이빗키 관련 소프트웨어의 안전성을 증명하지 않습니다. 지갑 관련 코드는 독립 감사를 받아야 합니다.

Tool-category matrix

런칭 도구	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	프라이빗키 또는 자금 지갑과 결합되면 고위험입니다.
거래 봇	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	실거래 실행 및 숨겨진 네트워크 동작과 결합되면 고위험입니다.
볼륨 도구	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	시장 조작형 또는 악용성 활동을 시사할 수 있습니다.
거래소 연계 도구	KuCoin API, exchange routing, arbitrage execution	거래소 키 노출이 필요하므로 독립 검증이 필요합니다.
피싱형 도구	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	비밀값이나 자금을 요구하면 심각한 위험입니다.

wallet

Solscan 지갑 및 KuCoin 연계 단서

Solscan 계정 단서는 EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg 입니다.
신고자는 화면에 보이는 KuCoin 연계 전송 패턴이 KuCoin API 기반 고성능 차익거래 또는 HFT 활동을 통한 상당한 수익과 관련될 수 있다고 주장합니다.
이 보고서는 해당 주장을 조사 단서로만 기록합니다. 스크린샷만으로 지갑 통제자, KuCoin API 사용 여부, HFT 여부, 봇 수익 여부를 독립적으로 입증할 수 없습니다.
권장되는 합법 OSINT 단계는 거래 해시 보존, UTC 타임스탬프 비교, 거래소 입출금 패턴 매핑, 상대 주소 아카이브, 신상털기·계정 침입·무단 접근 금지입니다.

온체인 TX 증거

확인된 온체인 지갑 클러스터 증거

새로 제출된 Solscan 트랜잭션 증거는 신고된 피해금 수신 지갑, 중간 경유 지갑, 고잔고 차익거래/API형 지갑을 같은 운영 자금 흐름 클러스터로 연결합니다.

피해금 수신 지갑E8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgi도난 피해금이 들어간 것으로 신고된 지갑입니다.

중간 / 경유 지갑GLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4L피해금 수신 지갑 이후 관찰된 전송 경로에서 사용된 지갑입니다.

고잔고 차익거래 / API형 지갑EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg관찰 시점에 3만 달러 이상 보유한 것으로 신고되었고 이후 자동화/차익거래형 활동이 보인 지갑입니다.

관찰된 자금 흐름

신고된 흐름: 피해금이 첫 지갑으로 들어간 뒤 중간 지갑을 거쳤고, 아래 TXID를 통해 고잔고 차익거래/API형 지갑 활동과 연결됩니다.

트랜잭션 증거

항목	Solscan 트랜잭션 / 계정 링크	관련성
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	피해금 클러스터를 차익거래/API형 지갑 활동과 연결하는 신고된 자금 흐름 TXID입니다.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	피해금 클러스터를 차익거래/API형 지갑 활동과 연결하는 신고된 자금 흐름 TXID입니다.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	피해금 클러스터를 차익거래/API형 지갑 활동과 연결하는 신고된 자금 흐름 TXID입니다.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	제출된 TX 증거와 연결되는 고잔고 지갑의 계정 페이지입니다.

컴플라이언스 중요성

이 증거는 단독 법원 판단이 아니라 직접적인 온체인 운영 연결 단서로 검토되어야 합니다. 피해금 수신 지갑, 중간 지갑, 차익거래/API형 지갑을 거래소 컴플라이언스, 수사기관 증거 보존, 사기 신고 검토에서 연결 지갑 클러스터로 다룰 강한 근거를 제공합니다.

이 지갑들이 동일한 KuCoin 계정, API 자격증명, KYC 프로필, IP/기기 로그, 입금 기록, 출금 기록, 연결 계정 또는 거래 인프라와 연결되는지 검토해야 합니다.
정확한 TXID, Solscan 링크, 타임스탬프, 송신/수신 행, 금액, 스크린샷, 트랜잭션 상세의 signer/fee-payer/actor 필드를 보존해야 합니다.

사건 직전 진술

사건 직전 HFT 차익거래봇 주장 및 툴 업그레이드 발언

새로 추가된 이용자 신고 타임라인에 따르면, 사건 발생 몇 시간 전 신고 대상자는 자신이 HFT/차익거래봇으로 하루 약 $2,000를 벌 수 있다고 주장했고, 피해자의 런칭 성공을 보고 싶다며 그 목적을 위해 툴을 대폭 업그레이드했다고 말했다고 합니다.

이 캡처는 HFT/차익거래봇 주장을 단순 타임라인 설명이 아니라 실제 대화 증거로 강화하므로, UTC 시각, 원본 대화 맥락, 가능하면 Telegram 원본 내보내기와 함께 보존해야 합니다.

주장된 거래 능력HFT / 차익거래봇 수익 주장신고된 발언: 고빈도 차익거래형 봇 활동으로 하루 약 $2,000 수익 가능.

툴 업그레이드 시점사건 몇 시간 전해당 업그레이드 발언 직후 자금 손실 사건과 온체인 추적 결과가 이어졌습니다.

연결 지갑 맥락EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg지갑 클러스터 TX 증거로 나중에 연결된 고잔고 차익거래/API형 지갑입니다.

이 발언이 중요한 이유

이 발언은 주장된 기술 역량, HFT/차익거래 인프라, 사건 직전 툴 업그레이드, 이후 온체인 자금 흐름을 하나의 타임라인으로 연결합니다.
업그레이드 주장 직후 사건이 발생했고, 제출된 TX 증거는 피해금 경로를 고잔고 차익거래/API형 지갑과 연결했습니다.
이 시점 관계는 툴 업그레이드에 숨겨진 악성 로직, 무단 접근 기능, 지갑/키 처리 악용, 백도어 유사 메커니즘이 포함되었을 가능성에 대한 중대한 우려를 제기합니다.
이 섹션은 전달된 소스코드, VPS/서버 로그, 배포 기록, 환경 변수, 지갑/키 처리 로직, 외부 네트워크 호출에 대한 포렌식 검토가 필요한 수사 단서로 이 발언을 기록합니다.

이 보고서는 이 발언만으로 코드 수준 침해를 단정하지 않습니다. 중요한 점은 사건 직전 HFT/차익거래 주장, 툴 업그레이드 발언, 신뢰된 개발자/서버 접근권, 사건 후 무응답, 그리고 이후 Solscan 지갑 클러스터 증거가 결합된 타임라인입니다.

threat

위협 모델 및 의심 수익화 경로

의심 수익화 경로: 공개 GitHub 저장소로 신뢰를 형성한 뒤 Telegram에서 고수요 Solana 거래 도구를 비공개 판매합니다.
가능한 노출 경로: 사용자가 PRIVATE_KEY, RPC 키, GRPC_TOKEN, 거래소 API 접근, 서버 관리자 권한을 요구하는 도구를 실행합니다.
가능한 지속성 경로: 도구가 백그라운드 서비스, PM2 프로세스, crontab, systemd 유닛, 숨겨진 시작 스크립트, 웹훅, 원격 로깅, 암호화 패키지를 설치합니다.
가능한 리브랜딩 경로: 노출 이후 Telegram 핸들, GitHub 사용자명, 저장소 이름, clone URL, 프로필 이미지, README 문구를 교체합니다.
신고자가 주장하는 잠재 수익 경로: 거래소 연계 HFT/arbitrage 실행, KuCoin 연계 전송 흐름, Solana 봇 자동화, 고빈도 지갑 활동입니다. 이는 독립 검증이 필요합니다.

redflags

기술적 위험 신호

PRIVATE_KEY 또는 시드 구문 요구
자금이 들어 있는 지갑 요구
KuCoin 또는 거래소 API 키 요구
RPC 키, GRPC_ENDPOINT, GRPC_TOKEN 요구
서버 root/admin 권한 요구
암호화 또는 난독화된 봇 패키지
재현 가능한 빌드 안내가 없는 컴파일 바이너리
숨겨진 외부 네트워크 요청
Telegram 또는 Discord 웹훅
원격 로깅 엔드포인트
지갑 내보내기 또는 키 전송 로직
보장 수익, 보장 속도, first-buy, 0-block 주장
Dexscreener 트렌딩 또는 볼륨 조작 주장
Raydium 볼륨 또는 maker 조작 주장
Polymarket 승률 또는 예측시장 조작 주장
Axiom 거래 우위 주장
카지노, 도박, wallet-drainer, 피싱형 봇 주장

asia

아시아·태평양 주의 경고

활동 시간대와 어눌한 영어 사용은 OSINT 참고 단서가 될 수 있으나 한국인, 아시아인 또는 특정 국적을 입증하지는 않습니다.
보고된 연락 패턴, Telegram 판매, GitHub 활동, Solana 봇 제안이 아시아·태평양 사용자 및 시간대와 겹칠 수 있으므로 아시아권 암호화폐 커뮤니티는 이 식별자 클러스터를 고위험으로 취급해야 합니다.
한국, 일본, 중국, 동남아시아 및 넓은 아시아·태평양권 사용자는 이 클러스터와 연결된 Telegram 기반 HFT, sniper, arbitrage, 프라이빗키, 지갑 자동화 제안을 특히 조심해야 합니다.
이 경고는 위험 예방을 위한 것이며, 민족·국적·지역에 대한 단정이나 낙인을 목적으로 하지 않습니다.

tracking

역추적 검색 색인

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

즉시 보안 조치

관련 봇을 자금이 들어 있는 컴퓨터에서 실행하지 마십시오.
.env 파일, 웹사이트, Telegram 봇, 대시보드, 컴파일 바이너리, 암호화 패키지, VPS에 가치 있는 프라이빗키를 붙여넣지 마십시오.
폐기 가능한 샌드박스 컴퓨터와 빈 테스트 지갑만 사용하십시오.
노출된 API 키, RPC 키, gRPC 토큰, GitHub 토큰, 서버 비밀번호, 지갑 키를 모두 교체하십시오.
알 수 없는 SSH 키, PM2 프로세스, crontab, systemd 서비스, 숨겨진 시작 스크립트, 예상치 못한 백그라운드 서비스를 제거하십시오.
코드베이스에서 외부 요청, 웹훅, base64 덩어리, 동적 실행, 지갑 내보내기 로직, 프라이빗키 저장, 원격 로깅을 검색하십시오.
공개 증거를 UTC 타임스탬프와 함께 아카이브하고 의심 저장소는 공식 플랫폼 신고 경로로 신고하십시오.

preservation

증거 보존 프로토콜

공개 저장소 URL, 소유자 이름, README 문구, 저장소 설명, topic, 커밋 타임스탬프, release 파일, package 이름, 스크린샷, 데모 링크, fork 관계를 보존하십시오.
Telegram 핸들, 표시된 연락 주소, 공개 결제 지갑, 거래 해시, Solscan 페이지, 거래소 라벨, UTC 스크린샷 시간을 보존하십시오.
프라이빗키, 시드 구문, API 키, 무관한 비공개 메시지, 개인 주소, 전화번호, 입증되지 않은 개인정보는 게시하지 마십시오.
정정 가능한 표현을 사용하십시오. 사용자 기준 확정 경험과 법원 기준 확정 법적 결론을 분리하십시오.
각 업데이트마다 UTC 날짜, 출처 URL, 짧은 설명, 증거 유형이 스크린샷 기반·저장소 기반·블록체인 기반·사용자 제출 기반인지 기록하십시오.

sources

공개 검증 링크

GitHub 프로필: Soldrift GitHub 프로필: whistledev411 저장소 흔적: pumpfun-copy-trading-bot Solscan 계정 단서

用户举报骗局警告 · UTC OSINT 索引

Soldrift / devbeast5775
Soldrift / devbeast5775 用户举报骗局安全警告和 OSINT 索引

Soldrift、Telegram @devbeast5775、GitHub 痕迹、Solana HFT/sniper/arbitrage 工具、KuCoin 关联 Solscan 钱包线索和钱包/私钥安全行动的高密度公开报告。

Warning Evidence Actions

通知 / 核心索引

本报告记录自 2026 年 5 月以来追踪的用户举报型 scam、drain、钓鱼工具和恶意后门系统警告，并以 UTC 保存提交截图、公开 GitHub 痕迹、公开区块链线索和 Solana 生态风险指标。

报告目的为可能访问、购买、运行或部署高风险 Solana 交易工具的用户提供公共安全警告。

核心标识Soldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

威胁重点钱包 drain、钓鱼型工具、私钥暴露、恶意后门以及 HFT/sniper/arbitrage bot 风险。

证据基础提交的资料图片、Solscan 截图、公开 GitHub 痕迹、公开仓库/工具类别和钱包线索。

核心索引：Telegram handle、GitHub alias 集群、Solscan 钱包线索、KuCoin 关联转账行、Solana HFT/sniper/arbitrage 工具、私钥暴露和紧急缓解步骤。

2026 年 5 月追踪UTC 记录Solana 生态警告Drain / 钓鱼工具风险私钥安全OSINT 证据索引

overview

核心警告

除非经过独立取证审计排除风险，否则应将 Soldrift、Telegram @devbeast5775 及相关别名视为严重安全风险集群。
任何要求 PRIVATE_KEY、助记词、有资金钱包、RPC 凭据、GRPC_TOKEN、交易所 API、服务器管理员权限、加密 bot 执行或钱包导出能力的工具都应视为不安全。
所有时间记录应使用 UTC。截图、交易、提交、归档和报告更新都必须保留 UTC 时间。
所有时间记录应使用 UTC。截图、交易、提交、归档和报告更新都必须保留 UTC 时间。

identity

身份与别名索引

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

提交证据

除非经过独立取证审计排除风险，否则应将 Soldrift、Telegram @devbeast5775 及相关别名视为严重安全风险集群。
任何要求 PRIVATE_KEY、助记词、有资金钱包、RPC 凭据、GRPC_TOKEN、交易所 API、服务器管理员权限、加密 bot 执行或钱包导出能力的工具都应视为不安全。
所有时间记录应使用 UTC。截图、交易、提交、归档和报告更新都必须保留 UTC 时间。
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

GitHub 与工具集群索引

除非经过独立取证审计排除风险，否则应将 Soldrift、Telegram @devbeast5775 及相关别名视为严重安全风险集群。
任何要求 PRIVATE_KEY、助记词、有资金钱包、RPC 凭据、GRPC_TOKEN、交易所 API、服务器管理员权限、加密 bot 执行或钱包导出能力的工具都应视为不安全。
所有时间记录应使用 UTC。截图、交易、提交、归档和报告更新都必须保留 UTC 时间。
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Solscan 钱包与 KuCoin 关联线索

除非经过独立取证审计排除风险，否则应将 Soldrift、Telegram @devbeast5775 及相关别名视为严重安全风险集群。
任何要求 PRIVATE_KEY、助记词、有资金钱包、RPC 凭据、GRPC_TOKEN、交易所 API、服务器管理员权限、加密 bot 执行或钱包导出能力的工具都应视为不安全。
所有时间记录应使用 UTC。截图、交易、提交、归档和报告更新都必须保留 UTC 时间。
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

链上 TX 证据

已确认的链上钱包集群证据

新提交的 Solscan 交易证据将被举报的受害资金接收钱包、中间路由钱包以及高余额套利/API 型钱包连接为同一运营资金流集群。

受害资金接收钱包E8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgi被举报为被盗资金进入的钱包。

中间 / 路由钱包GLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4L在受害资金钱包之后的可观察转账路径中使用的钱包。

高余额套利 / API 型钱包EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg据举报在观察时持有超过 30,000 美元，并随后显示自动化/套利型活动的钱包。

观察到的资金流路径

举报的路径：受害资金进入第一个钱包，经由中间钱包，并通过下列 TXID 与高余额套利/API 型钱包活动相连接。

交易证据

项目	Solscan 交易 / 账户链接	相关性
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	用于连接受害资金集群与套利/API 型钱包活动的举报资金流 TXID。
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	用于连接受害资金集群与套利/API 型钱包活动的举报资金流 TXID。
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	用于连接受害资金集群与套利/API 型钱包活动的举报资金流 TXID。
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	与已提交 TX 证据相关的高余额钱包账户页面。

合规重要性

该证据应作为直接链上运营关联线索进行审查，而不是单独的法院判定。它有力支持在交易所合规、执法证据保存和诈骗举报审查中，将受害资金钱包、中间钱包和套利/API 型钱包视为关联钱包集群。

请审查这些钱包是否连接到同一个 KuCoin 账户、API 凭据、KYC 档案、IP/设备日志、充值记录、提现记录、关联账户或交易基础设施。
请保存准确的 TXID、Solscan 链接、时间戳、发送/接收行、金额、截图，以及交易详情中可见的 signer/fee-payer/actor 字段。

事发前声明

事发前 HFT 套利机器人声明与工具升级说法

新增的用户报告时间线记录称，在事件发生前数小时，被报告者声称自己可以通过 HFT/套利机器人每天赚取约 $2,000，并表示希望受害者的发行成功，因此为此大幅升级了工具。

该截图将 HFT/套利机器人说法从时间线陈述强化为可见聊天证据，应与 UTC 时间、上下文和原始 Telegram 导出记录一起保存。

声称的交易能力HFT / 套利机器人收益声明用户报告的说法：通过高频套利式机器人活动每天约 $2,000。

工具升级时间事件前数小时该升级说法紧接着后续资金损失事件和链上追踪发现。

关联钱包背景EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg后来由钱包集群 TX 证据连接到的高余额套利/API 型钱包。

该声明的重要性

该声明把声称的技术能力、HFT/套利基础设施、临近事件的工具升级以及后续链上资金流联系在同一时间线中。
在所谓升级后不久，事件发生，提交的 TX 证据将受害资金路径连接到高余额套利/API 型钱包。
这一时间关系引发严重担忧：该升级可能包含隐藏恶意逻辑、未授权访问能力、钱包/密钥处理滥用或类似后门机制。
本节将该声明记录为调查线索，需要对交付源代码、VPS/服务器日志、部署历史、环境变量、钱包/密钥处理逻辑和出站网络调用进行取证审查。

本报告并不单凭该声明证明代码层面的入侵。其重要性来自组合时间线：事发前 HFT/套利声明、工具升级说法、可信开发者/服务器访问、事后不回应，以及后续 Solscan 钱包集群证据。

threat

威胁模型与疑似获利路径

除非经过独立取证审计排除风险，否则应将 Soldrift、Telegram @devbeast5775 及相关别名视为严重安全风险集群。
任何要求 PRIVATE_KEY、助记词、有资金钱包、RPC 凭据、GRPC_TOKEN、交易所 API、服务器管理员权限、加密 bot 执行或钱包导出能力的工具都应视为不安全。
所有时间记录应使用 UTC。截图、交易、提交、归档和报告更新都必须保留 UTC 时间。
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

技术危险信号

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

亚太地区谨慎通知

除非经过独立取证审计排除风险，否则应将 Soldrift、Telegram @devbeast5775 及相关别名视为严重安全风险集群。
任何要求 PRIVATE_KEY、助记词、有资金钱包、RPC 凭据、GRPC_TOKEN、交易所 API、服务器管理员权限、加密 bot 执行或钱包导出能力的工具都应视为不安全。
所有时间记录应使用 UTC。截图、交易、提交、归档和报告更新都必须保留 UTC 时间。
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

反向追踪搜索索引

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

立即安全措施

除非经过独立取证审计排除风险，否则应将 Soldrift、Telegram @devbeast5775 及相关别名视为严重安全风险集群。
任何要求 PRIVATE_KEY、助记词、有资金钱包、RPC 凭据、GRPC_TOKEN、交易所 API、服务器管理员权限、加密 bot 执行或钱包导出能力的工具都应视为不安全。
所有时间记录应使用 UTC。截图、交易、提交、归档和报告更新都必须保留 UTC 时间。
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

证据保存协议

除非经过独立取证审计排除风险，否则应将 Soldrift、Telegram @devbeast5775 及相关别名视为严重安全风险集群。
任何要求 PRIVATE_KEY、助记词、有资金钱包、RPC 凭据、GRPC_TOKEN、交易所 API、服务器管理员权限、加密 bot 执行或钱包导出能力的工具都应视为不安全。
所有时间记录应使用 UTC。截图、交易、提交、归档和报告更新都必须保留 UTC 时间。
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

公开验证链接

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

Advertencia de estafa reportada por usuario · índice OSINT UTC

Soldrift / devbeast5775
Advertencia de seguridad y OSINT sobre Soldrift / devbeast5775

Informe público denso sobre Soldrift, Telegram @devbeast5775, rastros GitHub, herramientas Solana HFT/sniper/arbitrage, pista Solscan vinculada a KuCoin y acciones de seguridad de wallet/claves.

Warning Evidence Actions

AVISO / ÍNDICE CENTRAL

Este informe registra una advertencia, reportada por usuarios y rastreada desde mayo de 2026, sobre scam, drain, herramientas de phishing y sistemas de backdoor maliciosos. Conserva capturas enviadas, rastros públicos de GitHub, pistas públicas de blockchain e indicadores de riesgo del ecosistema Solana en UTC.

PropósitoAdvertencia pública de seguridad para usuarios que puedan acceder, comprar, ejecutar o desplegar herramientas de trading Solana de alto riesgo.

IdentificadoresSoldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

AmenazaWallet drainers, herramientas tipo phishing, exposición de claves privadas, backdoors maliciosos y riesgo HFT/sniper/arbitrage.

Base de evidenciaImágenes de perfil enviadas, captura Solscan, rastros públicos de GitHub, categorías públicas de herramientas y pista de wallet.

Índice central: handle de Telegram, clúster de alias GitHub, pista de wallet Solscan, transferencias vinculadas a KuCoin, herramientas Solana HFT/sniper/arbitrage, exposición de claves privadas y mitigación urgente.

Seguimiento mayo 2026Registro UTCAlerta ecosistema SolanaRiesgo drain/phishingSeguridad de claves privadasÍndice OSINT

overview

Advertencia ejecutiva

Soldrift, Telegram @devbeast5775 y alias relacionados deben tratarse como un clúster de riesgo severo salvo auditoría forense independiente.
Cualquier herramienta que solicite PRIVATE_KEY, seed phrase, wallet con fondos, credenciales RPC, GRPC_TOKEN, API de exchange, acceso administrador de servidor o exportación de wallet debe considerarse insegura.
Todas las marcas de tiempo deben registrarse en UTC para capturas, transacciones, commits, archivos y actualizaciones.
Todas las marcas de tiempo deben registrarse en UTC para capturas, transacciones, commits, archivos y actualizaciones.

identity

Índice de identidad y alias

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

Evidencias enviadas

Soldrift, Telegram @devbeast5775 y alias relacionados deben tratarse como un clúster de riesgo severo salvo auditoría forense independiente.
Cualquier herramienta que solicite PRIVATE_KEY, seed phrase, wallet con fondos, credenciales RPC, GRPC_TOKEN, API de exchange, acceso administrador de servidor o exportación de wallet debe considerarse insegura.
Todas las marcas de tiempo deben registrarse en UTC para capturas, transacciones, commits, archivos y actualizaciones.
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

Índice de GitHub y clúster de herramientas

Soldrift, Telegram @devbeast5775 y alias relacionados deben tratarse como un clúster de riesgo severo salvo auditoría forense independiente.
Cualquier herramienta que solicite PRIVATE_KEY, seed phrase, wallet con fondos, credenciales RPC, GRPC_TOKEN, API de exchange, acceso administrador de servidor o exportación de wallet debe considerarse insegura.
Todas las marcas de tiempo deben registrarse en UTC para capturas, transacciones, commits, archivos y actualizaciones.
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Wallet Solscan y pista vinculada a KuCoin

Soldrift, Telegram @devbeast5775 y alias relacionados deben tratarse como un clúster de riesgo severo salvo auditoría forense independiente.
Cualquier herramienta que solicite PRIVATE_KEY, seed phrase, wallet con fondos, credenciales RPC, GRPC_TOKEN, API de exchange, acceso administrador de servidor o exportación de wallet debe considerarse insegura.
Todas las marcas de tiempo deben registrarse en UTC para capturas, transacciones, commits, archivos y actualizaciones.
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

evidencia TX on-chain

Evidencia confirmada de clúster de wallets on-chain

La nueva evidencia de transacciones de Solscan vincula la wallet receptora de fondos de la víctima, una wallet intermedia de enrutamiento y una wallet de alto balance estilo arbitraje/API dentro del mismo clúster operativo de flujo de fondos.

Wallet receptora de fondos de la víctimaE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgiWallet reportada donde ingresaron los fondos robados.

Wallet intermedia / de enrutamientoGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4LWallet usada en la ruta de transferencia observada después de la wallet de fondos de la víctima.

Wallet de alto balance estilo arbitraje / APIEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgWallet reportada con más de USD 30,000 al momento de observación y luego con actividad automatizada/de arbitraje.

Ruta de flujo de fondos observada

Flujo reportado: los fondos de la víctima entraron en la primera wallet, pasaron por la wallet intermedia y se conectan mediante los TXID listados con actividad que involucra la wallet de alto balance estilo arbitraje/API.

Evidencia de transacciones

Elemento	Transacción / cuenta Solscan	Relevancia
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	TXID enviado para la ruta de fondos reportada que conecta el clúster de fondos de víctima con la actividad de la wallet estilo arbitraje/API.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	TXID enviado para la ruta de fondos reportada que conecta el clúster de fondos de víctima con la actividad de la wallet estilo arbitraje/API.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	TXID enviado para la ruta de fondos reportada que conecta el clúster de fondos de víctima con la actividad de la wallet estilo arbitraje/API.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	Página de cuenta de la wallet de alto balance conectada con la evidencia TX enviada.

Importancia para cumplimiento

Esta evidencia debe revisarse como un vínculo operativo directo on-chain, no como una conclusión judicial aislada. Apoya fuertemente tratar la wallet de fondos de víctima, la wallet intermedia y la wallet estilo arbitraje/API como un clúster conectado para cumplimiento de exchanges, preservación por autoridades y revisión de reportes de estafa.

Revisar si estas wallets se conectan al mismo usuario de KuCoin, credenciales API, perfil KYC, registros IP/dispositivo, depósitos, retiros, cuentas vinculadas o infraestructura de trading.
Preservar TXID exactos, enlaces Solscan, timestamps, filas de remitente/receptor, montos, capturas y campos signer/fee-payer/actor visibles en los detalles de transacción.

declaración previa al incidente

Declaración de bot HFT/arbitraje y actualización de herramienta antes del incidente

Un nuevo elemento de cronología reportado por el usuario registra que, solo horas antes del incidente, la persona reportada supuestamente afirmó que podía ganar aproximadamente $2,000 por día mediante un bot HFT/de arbitraje, dijo que quería ver el lanzamiento de la víctima tener éxito y afirmó que había actualizado fuertemente la herramienta con ese propósito.

Esta captura convierte la afirmación HFT/arbitraje en un exhibit visible de chat y debe conservarse con hora UTC, contexto de origen y exportación original de Telegram si existe.

Capacidad de trading afirmadaDeclaración de ingresos con bot HFT / arbitrajeDeclaración reportada: aproximadamente $2,000 por día mediante actividad de bot de arbitraje de alta frecuencia.

Momento de actualizaciónHoras antes del incidenteLa declaración de actualización precedió inmediatamente el evento de pérdida de fondos y los hallazgos on-chain posteriores.

Contexto de wallet conectadaEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgWallet de alto balance estilo arbitraje/API luego vinculada por la evidencia TX del clúster.

Por qué importa esta declaración

La declaración vincula capacidad técnica afirmada, infraestructura HFT/arbitraje, una actualización de herramienta de último momento y la ruta posterior de fondos on-chain.
Poco después de la supuesta actualización ocurrió el incidente, y la evidencia TX conectó la ruta de fondos de la víctima con la wallet de alto balance estilo arbitraje/API.
La cronología genera seria preocupación de que la actualización pudiera haber incluido lógica maliciosa oculta, capacidad de acceso no autorizado, abuso de manejo de wallets/keys o un mecanismo similar a backdoor.
Esta sección registra la declaración como una pista investigativa que requiere revisión forense del código fuente entregado, logs del VPS/servidor, historial de despliegue, variables de entorno, lógica de manejo de wallets/keys y llamadas de red salientes.

Este reporte no usa la declaración por sí sola como prueba de compromiso a nivel de código. Su importancia surge de la cronología combinada: declaración HFT/arbitraje previa, actualización de herramienta, acceso confiado de desarrollador/servidor, no respuesta posterior y evidencia Solscan de clúster de wallets.

threat

Modelo de amenaza y monetización sospechada

Soldrift, Telegram @devbeast5775 y alias relacionados deben tratarse como un clúster de riesgo severo salvo auditoría forense independiente.
Cualquier herramienta que solicite PRIVATE_KEY, seed phrase, wallet con fondos, credenciales RPC, GRPC_TOKEN, API de exchange, acceso administrador de servidor o exportación de wallet debe considerarse insegura.
Todas las marcas de tiempo deben registrarse en UTC para capturas, transacciones, commits, archivos y actualizaciones.
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

Señales técnicas de riesgo

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

Aviso de cautela Asia-Pacífico

Soldrift, Telegram @devbeast5775 y alias relacionados deben tratarse como un clúster de riesgo severo salvo auditoría forense independiente.
Cualquier herramienta que solicite PRIVATE_KEY, seed phrase, wallet con fondos, credenciales RPC, GRPC_TOKEN, API de exchange, acceso administrador de servidor o exportación de wallet debe considerarse insegura.
Todas las marcas de tiempo deben registrarse en UTC para capturas, transacciones, commits, archivos y actualizaciones.
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

Índice de búsqueda inversa

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

Acciones de seguridad inmediatas

Soldrift, Telegram @devbeast5775 y alias relacionados deben tratarse como un clúster de riesgo severo salvo auditoría forense independiente.
Cualquier herramienta que solicite PRIVATE_KEY, seed phrase, wallet con fondos, credenciales RPC, GRPC_TOKEN, API de exchange, acceso administrador de servidor o exportación de wallet debe considerarse insegura.
Todas las marcas de tiempo deben registrarse en UTC para capturas, transacciones, commits, archivos y actualizaciones.
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

Protocolo de preservación de evidencia

Soldrift, Telegram @devbeast5775 y alias relacionados deben tratarse como un clúster de riesgo severo salvo auditoría forense independiente.
Cualquier herramienta que solicite PRIVATE_KEY, seed phrase, wallet con fondos, credenciales RPC, GRPC_TOKEN, API de exchange, acceso administrador de servidor o exportación de wallet debe considerarse insegura.
Todas las marcas de tiempo deben registrarse en UTC para capturas, transacciones, commits, archivos y actualizaciones.
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

Enlaces públicos de verificación

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

Предупреждение о скаме по сообщению пользователя · UTC OSINT

Soldrift / devbeast5775
Предупреждение безопасности и OSINT по Soldrift / devbeast5775

Плотный публичный отчёт о Soldrift, Telegram @devbeast5775, следах GitHub, Solana HFT/sniper/arbitrage инструментах, KuCoin-связанной Solscan-подсказке и мерах безопасности кошельков/ключей.

Warning Evidence Actions

УВЕДОМЛЕНИЕ / ОСНОВНОЙ ИНДЕКС

Этот отчёт фиксирует предупреждение о сообщаемом пользователями scam, drain, phishing-tool и вредоносной backdoor-системе, отслеживаемое с мая 2026 года. Он сохраняет предоставленные скриншоты, публичные следы GitHub, публичные blockchain-подсказки и индикаторы риска экосистемы Solana в UTC.

Цель отчётаПубличное предупреждение безопасности для пользователей, которые могут получить доступ, купить, запустить или развернуть высокорисковые Solana trading tools.

ИдентификаторыSoldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

Фокус угрозWallet drainers, phishing-like tools, раскрытие приватных ключей, malicious backdoors и риск HFT/sniper/arbitrage bot.

Доказательная базаПредоставленные профильные изображения, скриншот Solscan, публичные следы GitHub, категории инструментов и wallet lead.

Основной индекс: Telegram handle, GitHub alias cluster, Solscan wallet lead, KuCoin-linked transfer rows, Solana HFT/sniper/arbitrage tooling, раскрытие private keys и срочные меры снижения риска.

Отслеживание с мая 2026UTC-записьПредупреждение SolanaDrain/phishing-tool рискБезопасность private keyOSINT индекс

overview

Ключевое предупреждение

Soldrift, Telegram @devbeast5775 и связанные псевдонимы следует считать серьёзным кластером риска, пока независимая forensic-проверка не снимет угрозу.
Любой инструмент, запрашивающий PRIVATE_KEY, seed phrase, кошелёк с средствами, RPC, GRPC_TOKEN, API биржи, админ-доступ к серверу или экспорт кошелька, следует считать небезопасным.
Все временные отметки должны записываться в UTC для скриншотов, транзакций, коммитов, архивов и обновлений.
Все временные отметки должны записываться в UTC для скриншотов, транзакций, коммитов, архивов и обновлений.

identity

Индекс идентичности и псевдонимов

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

Предоставленные доказательства

Soldrift, Telegram @devbeast5775 и связанные псевдонимы следует считать серьёзным кластером риска, пока независимая forensic-проверка не снимет угрозу.
Любой инструмент, запрашивающий PRIVATE_KEY, seed phrase, кошелёк с средствами, RPC, GRPC_TOKEN, API биржи, админ-доступ к серверу или экспорт кошелька, следует считать небезопасным.
Все временные отметки должны записываться в UTC для скриншотов, транзакций, коммитов, архивов и обновлений.
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

Индекс GitHub и кластера инструментов

Soldrift, Telegram @devbeast5775 и связанные псевдонимы следует считать серьёзным кластером риска, пока независимая forensic-проверка не снимет угрозу.
Любой инструмент, запрашивающий PRIVATE_KEY, seed phrase, кошелёк с средствами, RPC, GRPC_TOKEN, API биржи, админ-доступ к серверу или экспорт кошелька, следует считать небезопасным.
Все временные отметки должны записываться в UTC для скриншотов, транзакций, коммитов, архивов и обновлений.
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Кошелёк Solscan и KuCoin-связанный след

Soldrift, Telegram @devbeast5775 и связанные псевдонимы следует считать серьёзным кластером риска, пока независимая forensic-проверка не снимет угрозу.
Любой инструмент, запрашивающий PRIVATE_KEY, seed phrase, кошелёк с средствами, RPC, GRPC_TOKEN, API биржи, админ-доступ к серверу или экспорт кошелька, следует считать небезопасным.
Все временные отметки должны записываться в UTC для скриншотов, транзакций, коммитов, архивов и обновлений.
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

on-chain TX-доказательства

Подтверждённые on-chain доказательства кластера кошельков

Новые предоставленные транзакции Solscan связывают кошелёк получения средств жертвы, промежуточный маршрутный кошелёк и высокобалансовый arbitrage/API-style кошелёк в один операционный кластер движения средств.

Кошелёк получения средств жертвыE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgiКошелёк, куда, по заявлению пользователя, поступили похищенные средства.

Промежуточный / маршрутный кошелёкGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4LКошелёк, использованный в наблюдаемом маршруте перевода после кошелька жертвы.

Высокобалансовый arbitrage / API-style кошелёкEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgКошелёк, который, по сообщению, держал более USD 30,000 на момент наблюдения и затем показывал automated/arbitrage-style активность.

Наблюдаемый маршрут средств

Заявленный поток: средства жертвы вошли в первый кошелёк, прошли через промежуточный кошелёк и через перечисленные TXID связаны с активностью высокобалансового arbitrage/API-style кошелька.

Доказательства транзакций

Элемент	Solscan транзакция / аккаунт	Значение
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	Предоставленный TXID для заявленного маршрута средств, связывающего кластер средств жертвы с активностью arbitrage/API-style кошелька.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	Предоставленный TXID для заявленного маршрута средств, связывающего кластер средств жертвы с активностью arbitrage/API-style кошелька.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	Предоставленный TXID для заявленного маршрута средств, связывающего кластер средств жертвы с активностью arbitrage/API-style кошелька.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	Страница аккаунта высокобалансового кошелька, связанного с предоставленными TX-доказательствами.

Значение для compliance

Это доказательство следует рассматривать как прямую on-chain операционную связь, а не как отдельное судебное заключение. Оно серьёзно поддерживает рассмотрение кошелька жертвы, промежуточного кошелька и arbitrage/API-style кошелька как связанного кластера для compliance биржи, сохранения данных правоохранителями и проверки scam-жалоб.

Проверить, связаны ли эти кошельки с одним аккаунтом KuCoin, API-ключами, KYC-профилем, IP/device logs, депозитами, выводами, связанными аккаунтами или торговой инфраструктурой.
Сохранить точные TXID, ссылки Solscan, timestamps, строки отправителя/получателя, суммы, скриншоты и поля signer/fee-payer/actor в деталях транзакций.

заявление до инцидента

Заявление о HFT/арбитражном боте и обновлении инструмента до инцидента

Новый элемент пользовательской хронологии фиксирует, что за несколько часов до инцидента заявленное лицо якобы утверждало, что может зарабатывать около $2,000 в день через HFT/арбитражного бота, говорило, что хочет увидеть успешный запуск жертвы, и сообщило, что существенно обновило инструмент для этой цели.

Этот скриншот переводит утверждение о HFT/арбитраже из описания хронологии в видимое доказательство чата; его следует хранить с UTC-временем, контекстом источника и оригинальным экспортом Telegram при наличии.

Заявленная торговая возможностьДоход HFT / арбитражного ботаЗаявленное высказывание: около $2,000 в день от высокочастотной арбитражной активности.

Время обновленияЗа часы до инцидентаЗаявление об обновлении непосредственно предшествовало потере средств и последующим on-chain находкам.

Контекст связанного кошелькаEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgКошелёк с высоким балансом типа arbitrage/API, позднее связанный TX-доказательствами кластера.

Почему это важно

Заявление связывает заявленную техническую способность, HFT/арбитражную инфраструктуру, обновление инструмента в последний момент и последующий on-chain маршрут средств.
Вскоре после заявленного обновления произошёл инцидент, а TX-доказательства связали маршрут средств жертвы с высокобалансовым кошельком типа arbitrage/API.
Такая последовательность вызывает серьёзную обеспокоенность, что обновление могло включать скрытую вредоносную логику, несанкционированный доступ, злоупотребление обработкой wallet/key или backdoor-подобный механизм.
Раздел фиксирует это как следственную зацепку, требующую forensic-проверки исходного кода, логов VPS/сервера, истории деплоя, переменных окружения, логики обработки wallet/key и исходящих сетевых вызовов.

Отчёт не считает одно это заявление доказательством компрометации кода. Значение создаёт совокупная хронология: HFT/арбитражное заявление до инцидента, обновление инструмента, доверенный доступ разработчика/сервера, отсутствие ответа после инцидента и последующие доказательства Solscan по кластеру кошельков.

threat

Модель угроз и предполагаемая монетизация

Soldrift, Telegram @devbeast5775 и связанные псевдонимы следует считать серьёзным кластером риска, пока независимая forensic-проверка не снимет угрозу.
Любой инструмент, запрашивающий PRIVATE_KEY, seed phrase, кошелёк с средствами, RPC, GRPC_TOKEN, API биржи, админ-доступ к серверу или экспорт кошелька, следует считать небезопасным.
Все временные отметки должны записываться в UTC для скриншотов, транзакций, коммитов, архивов и обновлений.
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

Технические признаки риска

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

Предупреждение для АТР

Soldrift, Telegram @devbeast5775 и связанные псевдонимы следует считать серьёзным кластером риска, пока независимая forensic-проверка не снимет угрозу.
Любой инструмент, запрашивающий PRIVATE_KEY, seed phrase, кошелёк с средствами, RPC, GRPC_TOKEN, API биржи, админ-доступ к серверу или экспорт кошелька, следует считать небезопасным.
Все временные отметки должны записываться в UTC для скриншотов, транзакций, коммитов, архивов и обновлений.
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

Индекс обратного поиска

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

Немедленные меры безопасности

Soldrift, Telegram @devbeast5775 и связанные псевдонимы следует считать серьёзным кластером риска, пока независимая forensic-проверка не снимет угрозу.
Любой инструмент, запрашивающий PRIVATE_KEY, seed phrase, кошелёк с средствами, RPC, GRPC_TOKEN, API биржи, админ-доступ к серверу или экспорт кошелька, следует считать небезопасным.
Все временные отметки должны записываться в UTC для скриншотов, транзакций, коммитов, архивов и обновлений.
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

Протокол сохранения доказательств

Soldrift, Telegram @devbeast5775 и связанные псевдонимы следует считать серьёзным кластером риска, пока независимая forensic-проверка не снимет угрозу.
Любой инструмент, запрашивающий PRIVATE_KEY, seed phrase, кошелёк с средствами, RPC, GRPC_TOKEN, API биржи, админ-доступ к серверу или экспорт кошелька, следует считать небезопасным.
Все временные отметки должны записываться в UTC для скриншотов, транзакций, коммитов, архивов и обновлений.
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

Публичные ссылки проверки

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

User-reported scam warning · UTC OSINT index

Soldrift / devbeast5775
Soldrift / devbeast5775 Security Warning at OSINT Index

Mataas na density na public report tungkol sa Soldrift, Telegram @devbeast5775, GitHub traces, Solana HFT/sniper/arbitrage tools, KuCoin-linked Solscan wallet lead, at wallet/key security actions.

Warning Evidence Actions

PAUNAWA / CORE INDEX

Itinatala ng report na ito ang user-reported scam, drain, phishing-tool, at malicious backdoor-system warning na sinusubaybayan mula Mayo 2026. Iniingatan nito ang submitted screenshots, public GitHub traces, public blockchain leads, at Solana ecosystem risk indicators sa UTC.

LayuninPublic security warning para sa users na maaaring mag-access, bumili, mag-run, o mag-deploy ng high-risk Solana trading tools.

IdentifiersSoldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

Threat focusWallet drainers, phishing-style tools, private-key exposure, malicious backdoors, at HFT/sniper/arbitrage bot risk.

Evidence basisSubmitted profile images, Solscan screenshot, public GitHub traces, public repository/tool categories, at wallet lead.

Core index: Telegram handle, GitHub alias cluster, Solscan wallet lead, KuCoin-linked transfer rows, Solana HFT/sniper/arbitrage tooling, private-key exposure, at emergency mitigation steps.

May 2026 trackingUTC recordSolana warningDrain/phishing riskPrivate-key safetyOSINT evidence

overview

Pangunahing babala

Ituring na severe security-risk cluster ang Soldrift, Telegram @devbeast5775, at related aliases hangga’t hindi nalilinis ng independent forensic audit.
Anumang tool na humihingi ng PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access, o wallet export capability ay dapat ituring na unsafe.
Lahat ng timestamps ay dapat nasa UTC para sa screenshots, transactions, commits, archives, at updates.
Lahat ng timestamps ay dapat nasa UTC para sa screenshots, transactions, commits, archives, at updates.

identity

Identity at alias index

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

Isinumiteng ebidensiya

Ituring na severe security-risk cluster ang Soldrift, Telegram @devbeast5775, at related aliases hangga’t hindi nalilinis ng independent forensic audit.
Anumang tool na humihingi ng PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access, o wallet export capability ay dapat ituring na unsafe.
Lahat ng timestamps ay dapat nasa UTC para sa screenshots, transactions, commits, archives, at updates.
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

GitHub at tool-cluster index

Ituring na severe security-risk cluster ang Soldrift, Telegram @devbeast5775, at related aliases hangga’t hindi nalilinis ng independent forensic audit.
Anumang tool na humihingi ng PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access, o wallet export capability ay dapat ituring na unsafe.
Lahat ng timestamps ay dapat nasa UTC para sa screenshots, transactions, commits, archives, at updates.
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Solscan wallet at KuCoin-linked lead

Ituring na severe security-risk cluster ang Soldrift, Telegram @devbeast5775, at related aliases hangga’t hindi nalilinis ng independent forensic audit.
Anumang tool na humihingi ng PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access, o wallet export capability ay dapat ituring na unsafe.
Lahat ng timestamps ay dapat nasa UTC para sa screenshots, transactions, commits, archives, at updates.
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

on-chain TX evidence

Kumpirmadong on-chain wallet-cluster evidence

Ang bagong Solscan transaction evidence ay nag-uugnay sa reported victim-fund receiving wallet, intermediate routing wallet, at high-balance arbitrage/API-style wallet bilang iisang operational fund-flow cluster.

Victim-fund receiving walletE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgiWallet na iniulat kung saan pumasok ang ninakaw na pondo.

Intermediate / routing walletGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4LWallet na ginamit sa naobserbahang transfer route pagkatapos ng victim-fund wallet.

High-balance arbitrage / API-style walletEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgWallet na iniulat na may higit USD 30,000 sa oras ng obserbasyon at pagkatapos ay nagpakita ng automated/arbitrage-style activity.

Naobserbahang fund-flow route

Iniulat na daloy: pumasok ang victim funds sa unang wallet, dumaan sa intermediate wallet, at konektado sa pamamagitan ng listed TXIDs sa activity na kinasasangkutan ng high-balance arbitrage/API-style wallet.

Transaction evidence

Item	Solscan transaction / account link	Relevance
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	Submitted TXID para sa reported fund-flow route na nag-uugnay ng victim-fund cluster sa arbitrage/API-style wallet activity.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	Submitted TXID para sa reported fund-flow route na nag-uugnay ng victim-fund cluster sa arbitrage/API-style wallet activity.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	Submitted TXID para sa reported fund-flow route na nag-uugnay ng victim-fund cluster sa arbitrage/API-style wallet activity.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	Account page ng high-balance wallet na konektado sa submitted TX evidence.

Compliance significance

Dapat itong suriin bilang direct on-chain operational link, hindi bilang standalone court finding. Malakas nitong sinusuportahan ang pagtrato sa victim-fund wallet, intermediate wallet, at arbitrage/API-style wallet bilang connected wallet cluster para sa exchange compliance, law-enforcement preservation, at scam-report review.

Suriin kung konektado ang wallets na ito sa parehong KuCoin account, API credentials, KYC profile, IP/device logs, deposit records, withdrawal records, linked accounts, o trading infrastructure.
I-preserve ang exact TXIDs, Solscan links, timestamps, sender/receiver rows, amounts, screenshots, at anumang signer/fee-payer/actor fields na makikita sa transaction details.

pre-incident statement

Pre-incident HFT arbitrage bot claim at tool-upgrade statement

Ayon sa bagong user-reported timeline item, ilang oras bago ang insidente, ang reported individual ay umano'y nagsabing kaya niyang kumita ng humigit-kumulang $2,000 bawat araw gamit ang HFT/arbitrage bot, gusto niyang magtagumpay ang launch ng biktima, at malaki raw ang ginawa niyang upgrade sa tool para rito.

Ginagawa ng screenshot na ito ang HFT/arbitrage claim mula sa timeline allegation tungo sa malinaw na chat exhibit na dapat i-preserve kasama ang UTC timestamp at original Telegram export kung mayroon.

Claimed trading capabilityHFT / arbitrage bot income claimReported statement: humigit-kumulang $2,000 bawat araw mula sa high-frequency arbitrage-style bot activity.

Tool-upgrade timingIlang oras bago ang insidenteAng upgrade statement ay agad na nauna sa fund-loss event at on-chain tracing findings.

Connected wallet contextEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgHigh-balance arbitrage/API-style wallet na kalaunang na-link ng wallet-cluster TX evidence.

Bakit mahalaga ang statement na ito

Ikinokonekta nito ang claimed technical capability, HFT/arbitrage infrastructure, last-minute tool upgrade, at sumunod na on-chain fund-flow route.
Ilang sandali matapos ang sinabing upgrade, nangyari ang insidente, at ikinonekta ng TX evidence ang victim-fund route sa high-balance arbitrage/API-style wallet.
Ang timing ay nagbibigay ng seryosong concern na ang upgrade ay maaaring may hidden malicious logic, unauthorized access capability, wallet/key-handling abuse, o backdoor-like mechanism.
Itinatala ng seksyong ito ang statement bilang investigative lead na nangangailangan ng forensic review ng delivered source code, VPS/server logs, deployment history, environment variables, wallet/key-handling logic, at outbound network calls.

Hindi ginagamit ng report na ito ang statement lang bilang patunay ng code-level compromise. Ang bigat nito ay mula sa pinagsamang timeline: pre-incident HFT/arbitrage claim, tool-upgrade statement, trusted developer/server access, post-incident non-response, at Solscan wallet-cluster evidence.

threat

Threat model at pinaghihinalaang monetization path

Ituring na severe security-risk cluster ang Soldrift, Telegram @devbeast5775, at related aliases hangga’t hindi nalilinis ng independent forensic audit.
Anumang tool na humihingi ng PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access, o wallet export capability ay dapat ituring na unsafe.
Lahat ng timestamps ay dapat nasa UTC para sa screenshots, transactions, commits, archives, at updates.
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

Technical red flags

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

Asia-Pacific caution notice

Ituring na severe security-risk cluster ang Soldrift, Telegram @devbeast5775, at related aliases hangga’t hindi nalilinis ng independent forensic audit.
Anumang tool na humihingi ng PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access, o wallet export capability ay dapat ituring na unsafe.
Lahat ng timestamps ay dapat nasa UTC para sa screenshots, transactions, commits, archives, at updates.
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

Reverse-tracking search index

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

Agarang security actions

Ituring na severe security-risk cluster ang Soldrift, Telegram @devbeast5775, at related aliases hangga’t hindi nalilinis ng independent forensic audit.
Anumang tool na humihingi ng PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access, o wallet export capability ay dapat ituring na unsafe.
Lahat ng timestamps ay dapat nasa UTC para sa screenshots, transactions, commits, archives, at updates.
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

Evidence preservation protocol

Ituring na severe security-risk cluster ang Soldrift, Telegram @devbeast5775, at related aliases hangga’t hindi nalilinis ng independent forensic audit.
Anumang tool na humihingi ng PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access, o wallet export capability ay dapat ituring na unsafe.
Lahat ng timestamps ay dapat nasa UTC para sa screenshots, transactions, commits, archives, at updates.
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

Public verification links

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

Peringatan scam laporan pengguna · indeks OSINT UTC

Soldrift / devbeast5775
Peringatan keamanan dan indeks OSINT Soldrift / devbeast5775

Laporan publik padat tentang Soldrift, Telegram @devbeast5775, jejak GitHub, alat Solana HFT/sniper/arbitrage, lead wallet Solscan terkait KuCoin, dan tindakan keamanan wallet/key.

Warning Evidence Actions

PEMBERITAHUAN / INDEKS INTI

Laporan ini mencatat peringatan scam, drain, phishing-tool, dan sistem backdoor berbahaya yang dilaporkan pengguna dan dilacak sejak Mei 2026. Laporan ini menyimpan screenshot yang dikirim, jejak GitHub publik, lead blockchain publik, dan indikator risiko ekosistem Solana dalam UTC.

Tujuan laporanPeringatan keamanan publik bagi pengguna yang mungkin mengakses, membeli, menjalankan, atau menerapkan alat trading Solana berisiko tinggi.

Identitas utamaSoldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

Fokus ancamanWallet drainer, alat bergaya phishing, paparan private key, backdoor berbahaya, dan risiko bot HFT/sniper/arbitrage.

Dasar buktiGambar profil yang dikirim, screenshot Solscan, jejak GitHub publik, kategori repository/tool publik, dan lead wallet.

Indeks inti: handle Telegram, klaster alias GitHub, lead wallet Solscan, baris transfer terkait KuCoin, tooling Solana HFT/sniper/arbitrage, paparan private key, dan langkah mitigasi darurat.

Pelacakan Mei 2026Catatan UTCPeringatan SolanaRisiko drain/phishingKeamanan private keyIndeks OSINT

overview

Peringatan utama

Soldrift, Telegram @devbeast5775, dan alias terkait harus diperlakukan sebagai klaster risiko keamanan berat sampai dibersihkan oleh audit forensik independen.
Setiap alat yang meminta PRIVATE_KEY, seed phrase, wallet berisi dana, kredensial RPC, GRPC_TOKEN, API exchange, akses administrator server, atau kemampuan ekspor wallet harus dianggap tidak aman.
Semua timestamp harus dicatat dalam UTC untuk screenshot, transaksi, commit, arsip, dan pembaruan.
Semua timestamp harus dicatat dalam UTC untuk screenshot, transaksi, commit, arsip, dan pembaruan.

identity

Indeks identitas dan alias

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

Bukti yang dikirim

Soldrift, Telegram @devbeast5775, dan alias terkait harus diperlakukan sebagai klaster risiko keamanan berat sampai dibersihkan oleh audit forensik independen.
Setiap alat yang meminta PRIVATE_KEY, seed phrase, wallet berisi dana, kredensial RPC, GRPC_TOKEN, API exchange, akses administrator server, atau kemampuan ekspor wallet harus dianggap tidak aman.
Semua timestamp harus dicatat dalam UTC untuk screenshot, transaksi, commit, arsip, dan pembaruan.
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

Indeks GitHub dan klaster alat

Soldrift, Telegram @devbeast5775, dan alias terkait harus diperlakukan sebagai klaster risiko keamanan berat sampai dibersihkan oleh audit forensik independen.
Setiap alat yang meminta PRIVATE_KEY, seed phrase, wallet berisi dana, kredensial RPC, GRPC_TOKEN, API exchange, akses administrator server, atau kemampuan ekspor wallet harus dianggap tidak aman.
Semua timestamp harus dicatat dalam UTC untuk screenshot, transaksi, commit, arsip, dan pembaruan.
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Wallet Solscan dan lead terkait KuCoin

Soldrift, Telegram @devbeast5775, dan alias terkait harus diperlakukan sebagai klaster risiko keamanan berat sampai dibersihkan oleh audit forensik independen.
Setiap alat yang meminta PRIVATE_KEY, seed phrase, wallet berisi dana, kredensial RPC, GRPC_TOKEN, API exchange, akses administrator server, atau kemampuan ekspor wallet harus dianggap tidak aman.
Semua timestamp harus dicatat dalam UTC untuk screenshot, transaksi, commit, arsip, dan pembaruan.
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

bukti TX on-chain

Bukti klaster wallet on-chain yang terkonfirmasi

Bukti transaksi Solscan yang baru dikirim menghubungkan wallet penerima dana korban, wallet perantara/routing, dan wallet bergaya arbitrase/API dengan saldo tinggi ke dalam satu klaster aliran dana operasional.

Wallet penerima dana korbanE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgiWallet yang dilaporkan sebagai tempat masuknya dana yang dicuri.

Wallet perantara / routingGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4LWallet yang digunakan dalam rute transfer yang diamati setelah wallet dana korban.

Wallet saldo tinggi bergaya arbitrase / APIEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgWallet yang dilaporkan menyimpan lebih dari USD 30.000 pada waktu observasi dan kemudian menunjukkan aktivitas otomatis/arbitrase.

Rute aliran dana yang diamati

Alur yang dilaporkan: dana korban masuk ke wallet pertama, melewati wallet perantara, dan melalui TXID yang tercantum terhubung dengan aktivitas wallet saldo tinggi bergaya arbitrase/API.

Bukti transaksi

Item	Transaksi / akun Solscan	Relevansi
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	TXID yang dikirim untuk rute aliran dana yang dilaporkan, menghubungkan klaster dana korban dengan aktivitas wallet bergaya arbitrase/API.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	TXID yang dikirim untuk rute aliran dana yang dilaporkan, menghubungkan klaster dana korban dengan aktivitas wallet bergaya arbitrase/API.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	TXID yang dikirim untuk rute aliran dana yang dilaporkan, menghubungkan klaster dana korban dengan aktivitas wallet bergaya arbitrase/API.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	Halaman akun wallet saldo tinggi yang terkait dengan bukti TX yang dikirim.

Signifikansi kepatuhan

Bukti ini harus ditinjau sebagai tautan operasional on-chain langsung, bukan sebagai putusan pengadilan mandiri. Ini kuat mendukung perlakuan terhadap wallet dana korban, wallet perantara, dan wallet bergaya arbitrase/API sebagai klaster wallet terhubung untuk kepatuhan exchange, preservasi penegakan hukum, dan review laporan scam.

Tinjau apakah wallet-wallet ini terhubung ke akun KuCoin yang sama, kredensial API, profil KYC, log IP/perangkat, catatan deposit, catatan withdrawal, akun tertaut, atau infrastruktur trading.
Simpan TXID tepat, link Solscan, timestamp, baris pengirim/penerima, jumlah, screenshot, dan field signer/fee-payer/actor yang terlihat pada detail transaksi.

pernyataan pra-insiden

Klaim bot arbitrase HFT dan pernyataan upgrade tool sebelum insiden

Item timeline baru yang dilaporkan pengguna mencatat bahwa, hanya beberapa jam sebelum insiden, pihak yang dilaporkan diduga mengklaim dapat menghasilkan sekitar $2,000 per hari melalui bot HFT/arbitrase, mengatakan ingin melihat peluncuran korban berhasil, dan menyatakan telah melakukan upgrade besar pada tool untuk tujuan tersebut.

Screenshot ini mengubah klaim HFT/arbitrage dari sekadar kronologi menjadi bukti chat yang terlihat dan harus disimpan dengan timestamp UTC, konteks sumber, dan ekspor Telegram asli bila ada.

Kemampuan trading yang diklaimKlaim pendapatan bot HFT / arbitrasePernyataan yang dilaporkan: sekitar $2,000 per hari dari aktivitas bot arbitrase berfrekuensi tinggi.

Waktu upgrade toolBeberapa jam sebelum insidenPernyataan upgrade ini segera mendahului peristiwa kehilangan dana dan temuan tracing on-chain.

Konteks wallet terkaitEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgWallet saldo tinggi bergaya arbitrase/API yang kemudian dihubungkan oleh bukti TX kluster wallet.

Mengapa pernyataan ini penting

Pernyataan ini menghubungkan kemampuan teknis yang diklaim, infrastruktur HFT/arbitrase, upgrade tool di menit terakhir, dan rute aliran dana on-chain berikutnya.
Tak lama setelah upgrade yang diklaim, insiden terjadi, dan bukti TX menghubungkan rute dana korban ke wallet saldo tinggi bergaya arbitrase/API.
Timing ini menimbulkan kekhawatiran serius bahwa upgrade tool mungkin memasukkan logika jahat tersembunyi, kemampuan akses tidak sah, penyalahgunaan pengelolaan wallet/key, atau mekanisme mirip backdoor.
Bagian ini mencatat pernyataan tersebut sebagai petunjuk investigatif yang memerlukan review forensik atas source code yang dikirim, log VPS/server, riwayat deployment, environment variables, logika wallet/key-handling, dan outbound network calls.

Report ini tidak menggunakan pernyataan tersebut saja sebagai bukti kompromi level kode. Signifikansinya berasal dari timeline gabungan: klaim HFT/arbitrase pra-insiden, pernyataan upgrade tool, akses developer/server berbasis kepercayaan, tidak ada respons pasca-insiden, dan bukti kluster wallet Solscan.

threat

Model ancaman dan jalur monetisasi yang dicurigai

Soldrift, Telegram @devbeast5775, dan alias terkait harus diperlakukan sebagai klaster risiko keamanan berat sampai dibersihkan oleh audit forensik independen.
Setiap alat yang meminta PRIVATE_KEY, seed phrase, wallet berisi dana, kredensial RPC, GRPC_TOKEN, API exchange, akses administrator server, atau kemampuan ekspor wallet harus dianggap tidak aman.
Semua timestamp harus dicatat dalam UTC untuk screenshot, transaksi, commit, arsip, dan pembaruan.
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

Sinyal teknis berbahaya

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

Peringatan Asia-Pasifik

Soldrift, Telegram @devbeast5775, dan alias terkait harus diperlakukan sebagai klaster risiko keamanan berat sampai dibersihkan oleh audit forensik independen.
Setiap alat yang meminta PRIVATE_KEY, seed phrase, wallet berisi dana, kredensial RPC, GRPC_TOKEN, API exchange, akses administrator server, atau kemampuan ekspor wallet harus dianggap tidak aman.
Semua timestamp harus dicatat dalam UTC untuk screenshot, transaksi, commit, arsip, dan pembaruan.
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

Indeks pencarian reverse-tracking

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

Tindakan keamanan segera

Soldrift, Telegram @devbeast5775, dan alias terkait harus diperlakukan sebagai klaster risiko keamanan berat sampai dibersihkan oleh audit forensik independen.
Setiap alat yang meminta PRIVATE_KEY, seed phrase, wallet berisi dana, kredensial RPC, GRPC_TOKEN, API exchange, akses administrator server, atau kemampuan ekspor wallet harus dianggap tidak aman.
Semua timestamp harus dicatat dalam UTC untuk screenshot, transaksi, commit, arsip, dan pembaruan.
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

Protokol pelestarian bukti

Soldrift, Telegram @devbeast5775, dan alias terkait harus diperlakukan sebagai klaster risiko keamanan berat sampai dibersihkan oleh audit forensik independen.
Setiap alat yang meminta PRIVATE_KEY, seed phrase, wallet berisi dana, kredensial RPC, GRPC_TOKEN, API exchange, akses administrator server, atau kemampuan ekspor wallet harus dianggap tidak aman.
Semua timestamp harus dicatat dalam UTC untuk screenshot, transaksi, commit, arsip, dan pembaruan.
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

Tautan verifikasi publik

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

ユーザー報告スキャム警告 · UTC OSINT 索引

Soldrift / devbeast5775
Soldrift / devbeast5775 セキュリティ警告および OSINT 索引

Soldrift、Telegram @devbeast5775、GitHub 痕跡、Solana HFT/sniper/arbitrage ツール、KuCoin 関連 Solscan ウォレット手掛かり、ウォレット/鍵の安全対策を扱う高密度公開レポートです。

Warning Evidence Actions

通知 / 主要インデックス

本レポートは、2026年5月以降追跡されている、ユーザー報告ベースの scam、drain、フィッシングツール、悪意あるバックドアシステムに関する警告記録です。提出スクリーンショット、公開 GitHub 痕跡、公開 blockchain 手掛かり、Solana エコシステムのリスク指標を UTC で保存します。

目的高リスクな Solana trading tools にアクセス、購入、実行、導入しようとするユーザーへの公共安全警告です。

主要識別子Soldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

脅威焦点Wallet drainers、フィッシング型ツール、秘密鍵露出、悪意あるバックドア、HFT/sniper/arbitrage bot リスクです。

証拠基盤提出プロフィール画像、Solscan スクリーンショット、公開 GitHub 痕跡、公開 repository/tool カテゴリ、wallet lead です。

主要インデックス: Telegram handle、GitHub alias cluster、Solscan wallet lead、KuCoin 関連 transfer rows、Solana HFT/sniper/arbitrage tooling、秘密鍵露出、緊急緩和手順。

2026年5月追跡UTC 記録Solana 警告Drain/phishing リスク秘密鍵安全OSINT 証拠索引

overview

重要警告

Soldrift、Telegram @devbeast5775、および関連別名は、独立したフォレンジック監査で安全が確認されるまで重大なセキュリティリスククラスターとして扱うべきです。
PRIVATE_KEY、シードフレーズ、資金入りウォレット、RPC 認証情報、GRPC_TOKEN、取引所 API、サーバー管理者権限、ウォレットエクスポート機能を要求するツールは安全ではないと見なすべきです。
スクリーンショット、取引、コミット、アーカイブ、更新のすべての時刻は UTC で記録してください。
スクリーンショット、取引、コミット、アーカイブ、更新のすべての時刻は UTC で記録してください。

identity

識別子および別名インデックス

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

提出証拠

Soldrift、Telegram @devbeast5775、および関連別名は、独立したフォレンジック監査で安全が確認されるまで重大なセキュリティリスククラスターとして扱うべきです。
PRIVATE_KEY、シードフレーズ、資金入りウォレット、RPC 認証情報、GRPC_TOKEN、取引所 API、サーバー管理者権限、ウォレットエクスポート機能を要求するツールは安全ではないと見なすべきです。
スクリーンショット、取引、コミット、アーカイブ、更新のすべての時刻は UTC で記録してください。
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

GitHub とツールクラスター索引

Soldrift、Telegram @devbeast5775、および関連別名は、独立したフォレンジック監査で安全が確認されるまで重大なセキュリティリスククラスターとして扱うべきです。
PRIVATE_KEY、シードフレーズ、資金入りウォレット、RPC 認証情報、GRPC_TOKEN、取引所 API、サーバー管理者権限、ウォレットエクスポート機能を要求するツールは安全ではないと見なすべきです。
スクリーンショット、取引、コミット、アーカイブ、更新のすべての時刻は UTC で記録してください。
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Solscan ウォレットと KuCoin 関連手掛かり

Soldrift、Telegram @devbeast5775、および関連別名は、独立したフォレンジック監査で安全が確認されるまで重大なセキュリティリスククラスターとして扱うべきです。
PRIVATE_KEY、シードフレーズ、資金入りウォレット、RPC 認証情報、GRPC_TOKEN、取引所 API、サーバー管理者権限、ウォレットエクスポート機能を要求するツールは安全ではないと見なすべきです。
スクリーンショット、取引、コミット、アーカイブ、更新のすべての時刻は UTC で記録してください。
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

オンチェーン TX 証拠

確認済みオンチェーン・ウォレットクラスター証拠

新たに提出された Solscan トランザクション証拠は、報告された被害資金受領ウォレット、中間ルーティングウォレット、高残高の裁定/API 型ウォレットを同一の運用資金フロークラスターとして結び付けます。

被害資金受領ウォレットE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgi盗難資金が入ったと報告されたウォレットです。

中間 / ルーティングウォレットGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4L被害資金ウォレット後の観測された送金経路で使用されたウォレットです。

高残高の裁定 / API 型ウォレットEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg観測時点で 30,000 米ドル超を保有していたと報告され、その後自動化/裁定型活動が見られるウォレットです。

観測された資金フロー経路

報告された流れ: 被害資金は最初のウォレットに入り、中間ウォレットを経由し、下記 TXID により高残高の裁定/API 型ウォレットの活動と接続されています。

トランザクション証拠

項目	Solscan トランザクション / アカウントリンク	関連性
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	被害資金クラスターと裁定/API 型ウォレット活動を接続する、報告された資金フローの TXID です。
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	被害資金クラスターと裁定/API 型ウォレット活動を接続する、報告された資金フローの TXID です。
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	被害資金クラスターと裁定/API 型ウォレット活動を接続する、報告された資金フローの TXID です。
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	提出された TX 証拠と接続される高残高ウォレットのアカウントページです。

コンプライアンス上の重要性

この証拠は単独の裁判所判断ではなく、直接的なオンチェーン運用リンクとして検討されるべきです。被害資金ウォレット、中間ウォレット、裁定/API 型ウォレットを、取引所コンプライアンス、法執行機関による保存、詐欺報告レビューにおいて接続ウォレットクラスターとして扱う強い根拠を提供します。

これらのウォレットが同一の KuCoin アカウント、API 認証情報、KYC プロファイル、IP/デバイスログ、入金記録、出金記録、関連アカウント、または取引インフラに接続しているか確認してください。
正確な TXID、Solscan リンク、タイムスタンプ、送信/受信行、金額、スクリーンショット、取引詳細に表示される signer/fee-payer/actor フィールドを保存してください。

事件直前の発言

事件直前の HFT 裁定ボット主張およびツール更新発言

新たに追加されたユーザー報告のタイムライン項目では、事件の数時間前に、報告対象者が HFT/裁定ボットで1日約 $2,000 を稼げると主張し、被害者のローンチ成功を見たいとして、その目的でツールを大幅にアップグレードしたと述べたとされています。

このスクリーンショットにより、HFT/アービトラージの主張は単なるタイムライン上の記述ではなく、可視のチャット証拠として保存対象になります。UTC 時刻、文脈、可能なら Telegram の原本エクスポートと共に保全してください。

主張された取引能力HFT / 裁定ボット収益の主張報告された発言：高頻度裁定型ボット活動により1日約 $2,000。

ツール更新の時点事件の数時間前この更新発言の直後に資金損失事案とオンチェーン追跡結果が続いています。

接続ウォレットの文脈EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgウォレットクラスター TX 証拠により後に接続された高残高の裁定/API 型ウォレット。

この発言が重要な理由

この発言は、主張された技術能力、HFT/裁定インフラ、事件直前のツール更新、その後のオンチェーン資金経路を一つのタイムラインで結びます。
主張された更新の直後に事件が発生し、提出された TX 証拠は被害資金経路を高残高の裁定/API 型ウォレットに接続しました。
このタイミングは、ツール更新に隠れた悪性ロジック、無断アクセス機能、ウォレット/キー処理の悪用、またはバックドア類似メカニズムが含まれていた可能性について重大な懸念を生じさせます。
本節は、この発言を調査上の手掛かりとして記録し、納品されたソースコード、VPS/サーバーログ、デプロイ履歴、環境変数、ウォレット/キー処理ロジック、外部ネットワーク通信のフォレンジックレビューが必要であるとします。

本報告は、この発言だけでコードレベルの侵害を証明するものではありません。重要性は、事件直前の HFT/裁定主張、ツール更新発言、信頼された開発者/サーバーアクセス、事件後の無応答、そして後の Solscan ウォレットクラスター証拠が組み合わさった点にあります。

threat

脅威モデルと疑われる収益化経路

Soldrift、Telegram @devbeast5775、および関連別名は、独立したフォレンジック監査で安全が確認されるまで重大なセキュリティリスククラスターとして扱うべきです。
PRIVATE_KEY、シードフレーズ、資金入りウォレット、RPC 認証情報、GRPC_TOKEN、取引所 API、サーバー管理者権限、ウォレットエクスポート機能を要求するツールは安全ではないと見なすべきです。
スクリーンショット、取引、コミット、アーカイブ、更新のすべての時刻は UTC で記録してください。
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

技術的危険信号

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

アジア太平洋向け注意喚起

Soldrift、Telegram @devbeast5775、および関連別名は、独立したフォレンジック監査で安全が確認されるまで重大なセキュリティリスククラスターとして扱うべきです。
PRIVATE_KEY、シードフレーズ、資金入りウォレット、RPC 認証情報、GRPC_TOKEN、取引所 API、サーバー管理者権限、ウォレットエクスポート機能を要求するツールは安全ではないと見なすべきです。
スクリーンショット、取引、コミット、アーカイブ、更新のすべての時刻は UTC で記録してください。
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

逆追跡検索インデックス

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

直ちに行う安全対策

Soldrift、Telegram @devbeast5775、および関連別名は、独立したフォレンジック監査で安全が確認されるまで重大なセキュリティリスククラスターとして扱うべきです。
PRIVATE_KEY、シードフレーズ、資金入りウォレット、RPC 認証情報、GRPC_TOKEN、取引所 API、サーバー管理者権限、ウォレットエクスポート機能を要求するツールは安全ではないと見なすべきです。
スクリーンショット、取引、コミット、アーカイブ、更新のすべての時刻は UTC で記録してください。
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

証拠保存プロトコル

Soldrift、Telegram @devbeast5775、および関連別名は、独立したフォレンジック監査で安全が確認されるまで重大なセキュリティリスククラスターとして扱うべきです。
PRIVATE_KEY、シードフレーズ、資金入りウォレット、RPC 認証情報、GRPC_TOKEN、取引所 API、サーバー管理者権限、ウォレットエクスポート機能を要求するツールは安全ではないと見なすべきです。
スクリーンショット、取引、コミット、アーカイブ、更新のすべての時刻は UTC で記録してください。
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

公開検証リンク

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

Alerte de scam signalée par utilisateur · index OSINT UTC

Soldrift / devbeast5775
Alerte sécurité et index OSINT Soldrift / devbeast5775

Rapport public dense sur Soldrift, Telegram @devbeast5775, traces GitHub, outils Solana HFT/sniper/arbitrage, piste Solscan liée à KuCoin et actions sécurité wallet/clés.

Warning Evidence Actions

AVIS / INDEX CENTRAL

Ce rapport consigne une alerte, signalée par des utilisateurs et suivie depuis mai 2026, concernant scam, drain, outils de phishing et systèmes de backdoor malveillants. Il conserve en UTC les captures soumises, les traces GitHub publiques, les pistes blockchain publiques et les indicateurs de risque de l’écosystème Solana.

ObjectifAvertissement public de sécurité pour les utilisateurs susceptibles d’accéder, acheter, exécuter ou déployer des outils de trading Solana à haut risque.

IdentifiantsSoldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

MenaceWallet drainers, outils de type phishing, exposition de clés privées, backdoors malveillants et risque HFT/sniper/arbitrage.

Base de preuveImages de profil soumises, capture Solscan, traces GitHub publiques, catégories publiques d’outils et piste wallet.

Index central : handle Telegram, cluster d’alias GitHub, piste wallet Solscan, lignes de transfert liées à KuCoin, outils Solana HFT/sniper/arbitrage, exposition de clés privées et mesures d’urgence.

Suivi mai 2026Registre UTCAlerte SolanaRisque drain/phishingSécurité clés privéesIndex OSINT

overview

Avertissement exécutif

Soldrift, Telegram @devbeast5775 et les alias liés doivent être traités comme un cluster de risque sévère tant qu’un audit forensic indépendant ne les a pas blanchis.
Toute tool demandant PRIVATE_KEY, seed phrase, wallet financé, identifiants RPC, GRPC_TOKEN, API d’exchange, accès administrateur serveur ou export wallet doit être considérée comme non sûre.
Toutes les dates doivent être consignées en UTC pour captures, transactions, commits, archives et mises à jour.
Toutes les dates doivent être consignées en UTC pour captures, transactions, commits, archives et mises à jour.

identity

Index d’identité et d’alias

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

Preuves soumises

Soldrift, Telegram @devbeast5775 et les alias liés doivent être traités comme un cluster de risque sévère tant qu’un audit forensic indépendant ne les a pas blanchis.
Toute tool demandant PRIVATE_KEY, seed phrase, wallet financé, identifiants RPC, GRPC_TOKEN, API d’exchange, accès administrateur serveur ou export wallet doit être considérée comme non sûre.
Toutes les dates doivent être consignées en UTC pour captures, transactions, commits, archives et mises à jour.
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

Index GitHub et cluster d’outils

Soldrift, Telegram @devbeast5775 et les alias liés doivent être traités comme un cluster de risque sévère tant qu’un audit forensic indépendant ne les a pas blanchis.
Toute tool demandant PRIVATE_KEY, seed phrase, wallet financé, identifiants RPC, GRPC_TOKEN, API d’exchange, accès administrateur serveur ou export wallet doit être considérée comme non sûre.
Toutes les dates doivent être consignées en UTC pour captures, transactions, commits, archives et mises à jour.
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Wallet Solscan et piste liée à KuCoin

Soldrift, Telegram @devbeast5775 et les alias liés doivent être traités comme un cluster de risque sévère tant qu’un audit forensic indépendant ne les a pas blanchis.
Toute tool demandant PRIVATE_KEY, seed phrase, wallet financé, identifiants RPC, GRPC_TOKEN, API d’exchange, accès administrateur serveur ou export wallet doit être considérée comme non sûre.
Toutes les dates doivent être consignées en UTC pour captures, transactions, commits, archives et mises à jour.
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

preuves TX on-chain

Preuves confirmées de cluster de wallets on-chain

Les nouvelles preuves de transactions Solscan relient le wallet recevant les fonds de la victime, un wallet intermédiaire de routage et un wallet à solde élevé de type arbitrage/API dans le même cluster opérationnel de flux de fonds.

Wallet recevant les fonds de la victimeE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgiWallet signalé comme ayant reçu les fonds volés.

Wallet intermédiaire / de routageGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4LWallet utilisé dans le trajet de transfert observé après le wallet des fonds de la victime.

Wallet à solde élevé de type arbitrage / APIEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgWallet signalé comme détenant plus de 30 000 USD au moment de l’observation, puis montrant une activité automatisée/de type arbitrage.

Trajet de flux de fonds observé

Flux signalé : les fonds de la victime sont entrés dans le premier wallet, ont transité par le wallet intermédiaire et sont reliés via les TXID listés à une activité impliquant le wallet à solde élevé de type arbitrage/API.

Preuves de transactions

Élément	Transaction / compte Solscan	Pertinence
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	TXID soumis pour le trajet de fonds signalé reliant le cluster de fonds de la victime à l’activité du wallet de type arbitrage/API.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	TXID soumis pour le trajet de fonds signalé reliant le cluster de fonds de la victime à l’activité du wallet de type arbitrage/API.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	TXID soumis pour le trajet de fonds signalé reliant le cluster de fonds de la victime à l’activité du wallet de type arbitrage/API.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	Page du compte du wallet à solde élevé relié aux preuves TX soumises.

Importance compliance

Cette preuve doit être examinée comme un lien opérationnel direct on-chain, non comme une décision judiciaire autonome. Elle soutient fortement le traitement du wallet de fonds de la victime, du wallet intermédiaire et du wallet de type arbitrage/API comme un cluster connecté pour la compliance d’exchange, la conservation par les autorités et l’examen de signalement d’arnaque.

Examiner si ces wallets sont liés au même compte KuCoin, identifiants API, profil KYC, logs IP/appareil, dépôts, retraits, comptes liés ou infrastructure de trading.
Conserver les TXID exacts, liens Solscan, timestamps, lignes émetteur/récepteur, montants, captures et tout champ signer/fee-payer/actor visible dans les détails de transaction.

déclaration pré-incident

Déclaration de bot HFT/arbitrage et mise à niveau de l'outil avant l'incident

Un nouvel élément de chronologie rapporté par l'utilisateur indique que, quelques heures seulement avant l'incident, la personne signalée aurait affirmé pouvoir gagner environ $2,000 par jour grâce à un bot HFT/arbitrage, qu'elle voulait voir le lancement de la victime réussir, et qu'elle avait fortement amélioré l'outil dans ce but.

Cette capture transforme l’allégation HFT/arbitrage en pièce de chat visible et doit être conservée avec l’horodatage UTC, le contexte source et l’export Telegram original si disponible.

Capacité de trading revendiquéeRevenu revendiqué via bot HFT / arbitrageDéclaration rapportée : environ $2,000 par jour via une activité de bot d'arbitrage haute fréquence.

Moment de la mise à niveauQuelques heures avant l'incidentLa déclaration de mise à niveau a immédiatement précédé la perte de fonds et les découvertes de traçage on-chain.

Contexte de wallet connectéEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgWallet à haut solde de type arbitrage/API ensuite relié par les preuves TX du cluster de wallets.

Pourquoi cette déclaration compte

Elle relie la capacité technique revendiquée, l'infrastructure HFT/arbitrage, une mise à niveau de dernière minute de l'outil et la route de fonds on-chain ultérieure.
Peu après la mise à niveau revendiquée, l'incident s'est produit, et les preuves TX ont relié la route des fonds de la victime au wallet à haut solde de type arbitrage/API.
Le timing soulève une préoccupation sérieuse quant à la possibilité que la mise à niveau ait inclus une logique malveillante cachée, une capacité d'accès non autorisé, un abus de gestion wallet/key ou un mécanisme de type backdoor.
Cette section consigne la déclaration comme piste d'enquête nécessitant une revue forensic du code source livré, des logs VPS/serveur, de l'historique de déploiement, des variables d'environnement, de la logique de gestion wallet/key et des appels réseau sortants.

Ce rapport ne s'appuie pas sur cette seule déclaration comme preuve de compromission au niveau du code. Son importance vient de la chronologie combinée : déclaration HFT/arbitrage avant incident, mise à niveau de l'outil, accès développeur/serveur de confiance, absence de réponse après incident et preuves Solscan du cluster de wallets.

threat

Modèle de menace et monétisation suspectée

Soldrift, Telegram @devbeast5775 et les alias liés doivent être traités comme un cluster de risque sévère tant qu’un audit forensic indépendant ne les a pas blanchis.
Toute tool demandant PRIVATE_KEY, seed phrase, wallet financé, identifiants RPC, GRPC_TOKEN, API d’exchange, accès administrateur serveur ou export wallet doit être considérée comme non sûre.
Toutes les dates doivent être consignées en UTC pour captures, transactions, commits, archives et mises à jour.
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

Signaux techniques critiques

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

Avis de prudence Asie-Pacifique

Soldrift, Telegram @devbeast5775 et les alias liés doivent être traités comme un cluster de risque sévère tant qu’un audit forensic indépendant ne les a pas blanchis.
Toute tool demandant PRIVATE_KEY, seed phrase, wallet financé, identifiants RPC, GRPC_TOKEN, API d’exchange, accès administrateur serveur ou export wallet doit être considérée comme non sûre.
Toutes les dates doivent être consignées en UTC pour captures, transactions, commits, archives et mises à jour.
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

Index de recherche inversée

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

Actions de sécurité immédiates

Soldrift, Telegram @devbeast5775 et les alias liés doivent être traités comme un cluster de risque sévère tant qu’un audit forensic indépendant ne les a pas blanchis.
Toute tool demandant PRIVATE_KEY, seed phrase, wallet financé, identifiants RPC, GRPC_TOKEN, API d’exchange, accès administrateur serveur ou export wallet doit être considérée comme non sûre.
Toutes les dates doivent être consignées en UTC pour captures, transactions, commits, archives et mises à jour.
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

Protocole de conservation des preuves

Soldrift, Telegram @devbeast5775 et les alias liés doivent être traités comme un cluster de risque sévère tant qu’un audit forensic indépendant ne les a pas blanchis.
Toute tool demandant PRIVATE_KEY, seed phrase, wallet financé, identifiants RPC, GRPC_TOKEN, API d’exchange, accès administrateur serveur ou export wallet doit être considérée comme non sûre.
Toutes les dates doivent être consignées en UTC pour captures, transactions, commits, archives et mises à jour.
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

Liens publics de vérification

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

Vom Nutzer gemeldete Scam-Warnung · UTC OSINT-Index

Soldrift / devbeast5775
Sicherheitswarnung und OSINT-Index zu Soldrift / devbeast5775

Dichter öffentlicher Bericht über Soldrift, Telegram @devbeast5775, GitHub-Spuren, Solana HFT/sniper/arbitrage Tools, KuCoin-bezogene Solscan-Wallet-Spur und Wallet/Key-Sicherheitsmaßnahmen.

Warning Evidence Actions

HINWEIS / KERNINDEX

Dieser Bericht dokumentiert eine seit Mai 2026 verfolgte, nutzergemeldete Warnung zu Scam, Drain, Phishing-Tools und bösartigen Backdoor-Systemen. Er bewahrt eingereichte Screenshots, öffentliche GitHub-Spuren, öffentliche Blockchain-Hinweise und Risikindikatoren des Solana-Ökosystems in UTC auf.

ZweckÖffentliche Sicherheitswarnung für Nutzer, die hochriskante Solana-Trading-Tools aufrufen, kaufen, ausführen oder deployen könnten.

IdentifikatorenSoldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

BedrohungWallet Drainers, phishingähnliche Tools, Private-Key-Exposition, bösartige Backdoors und HFT/sniper/arbitrage bot Risiko.

BeweisbasisEingereichte Profilbilder, Solscan-Screenshot, öffentliche GitHub-Spuren, öffentliche Repository/Tool-Kategorien und Wallet-Spur.

Kernindex: Telegram handle, GitHub alias cluster, Solscan wallet lead, KuCoin-linked transfer rows, Solana HFT/sniper/arbitrage tooling, Private-Key-Exposition und Sofortmaßnahmen.

Tracking seit Mai 2026UTC-AufzeichnungSolana-WarnungDrain/phishing RisikoPrivate-Key-SicherheitOSINT-Index

overview

Zentrale Warnung

Soldrift, Telegram @devbeast5775 und verbundene Aliase sollten bis zur unabhängigen forensischen Entlastung als schwerer Sicherheitsrisiko-Cluster behandelt werden.
Jedes Tool, das PRIVATE_KEY, Seed Phrase, gefüllte Wallet, RPC-Zugangsdaten, GRPC_TOKEN, Exchange-API, Server-Admin-Zugriff oder Wallet-Export verlangt, ist als unsicher zu behandeln.
Alle Zeitstempel sollten in UTC für Screenshots, Transaktionen, Commits, Archive und Updates aufgezeichnet werden.
Alle Zeitstempel sollten in UTC für Screenshots, Transaktionen, Commits, Archive und Updates aufgezeichnet werden.

identity

Identitäts- und Alias-Index

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

Eingereichte Belege

Soldrift, Telegram @devbeast5775 und verbundene Aliase sollten bis zur unabhängigen forensischen Entlastung als schwerer Sicherheitsrisiko-Cluster behandelt werden.
Jedes Tool, das PRIVATE_KEY, Seed Phrase, gefüllte Wallet, RPC-Zugangsdaten, GRPC_TOKEN, Exchange-API, Server-Admin-Zugriff oder Wallet-Export verlangt, ist als unsicher zu behandeln.
Alle Zeitstempel sollten in UTC für Screenshots, Transaktionen, Commits, Archive und Updates aufgezeichnet werden.
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

GitHub- und Tool-Cluster-Index

Soldrift, Telegram @devbeast5775 und verbundene Aliase sollten bis zur unabhängigen forensischen Entlastung als schwerer Sicherheitsrisiko-Cluster behandelt werden.
Jedes Tool, das PRIVATE_KEY, Seed Phrase, gefüllte Wallet, RPC-Zugangsdaten, GRPC_TOKEN, Exchange-API, Server-Admin-Zugriff oder Wallet-Export verlangt, ist als unsicher zu behandeln.
Alle Zeitstempel sollten in UTC für Screenshots, Transaktionen, Commits, Archive und Updates aufgezeichnet werden.
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Solscan-Wallet und KuCoin-bezogene Spur

Soldrift, Telegram @devbeast5775 und verbundene Aliase sollten bis zur unabhängigen forensischen Entlastung als schwerer Sicherheitsrisiko-Cluster behandelt werden.
Jedes Tool, das PRIVATE_KEY, Seed Phrase, gefüllte Wallet, RPC-Zugangsdaten, GRPC_TOKEN, Exchange-API, Server-Admin-Zugriff oder Wallet-Export verlangt, ist als unsicher zu behandeln.
Alle Zeitstempel sollten in UTC für Screenshots, Transaktionen, Commits, Archive und Updates aufgezeichnet werden.
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

on-chain TX-Belege

Bestätigte On-chain-Belege für ein Wallet-Cluster

Neu eingereichte Solscan-Transaktionsbelege verbinden die gemeldete Opfergeld-Empfangswallet, eine Zwischen-/Routing-Wallet und eine hochsaldo Arbitrage/API-style Wallet zu demselben operativen Geldfluss-Cluster.

Opfergeld-EmpfangswalletE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgiWallet, in die laut Meldung die gestohlenen Gelder eingingen.

Zwischen- / Routing-WalletGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4LWallet, die im beobachteten Transferweg nach der Opfergeld-Wallet genutzt wurde.

Hochsaldo Arbitrage / API-style WalletEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgWallet, die zum Beobachtungszeitpunkt laut Meldung über USD 30.000 hielt und anschließend automatisierte/arbitrageartige Aktivität zeigte.

Beobachteter Geldflussweg

Gemeldeter Ablauf: Opfergelder gingen in die erste Wallet ein, liefen über die Zwischenwallet und sind über die gelisteten TXIDs mit Aktivität der hochsaldo Arbitrage/API-style Wallet verbunden.

Transaktionsbelege

Element	Solscan-Transaktion / Account-Link	Relevanz
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	Eingereichter TXID für den gemeldeten Geldflussweg, der das Opfergeld-Cluster mit der Aktivität der Arbitrage/API-style Wallet verbindet.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	Eingereichter TXID für den gemeldeten Geldflussweg, der das Opfergeld-Cluster mit der Aktivität der Arbitrage/API-style Wallet verbindet.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	Eingereichter TXID für den gemeldeten Geldflussweg, der das Opfergeld-Cluster mit der Aktivität der Arbitrage/API-style Wallet verbindet.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	Account-Seite der hochsaldo Wallet, die mit den eingereichten TX-Belegen verbunden ist.

Compliance-Relevanz

Dieser Beleg sollte als direkte operative On-chain-Verbindung geprüft werden, nicht als eigenständige gerichtliche Feststellung. Er stützt deutlich, die Opfergeld-Wallet, Zwischenwallet und Arbitrage/API-style Wallet für Exchange-Compliance, Beweissicherung durch Behörden und Scam-Report-Prüfung als verbundenes Wallet-Cluster zu behandeln.

Prüfen, ob diese Wallets mit demselben KuCoin-Konto, API-Zugangsdaten, KYC-Profil, IP/Geräte-Logs, Einzahlungsdaten, Auszahlungsdaten, verknüpften Konten oder Trading-Infrastruktur verbunden sind.
Exakte TXIDs, Solscan-Links, Zeitstempel, Sender/Empfänger-Zeilen, Beträge, Screenshots und sichtbare signer/fee-payer/actor-Felder in den Transaktionsdetails sichern.

Aussage vor dem Vorfall

HFT-Arbitrage-Bot-Behauptung und Tool-Upgrade-Aussage vor dem Vorfall

Ein neu hinzugefügter, vom Nutzer gemeldeter Zeitachsenpunkt hält fest, dass die gemeldete Person nur wenige Stunden vor dem Vorfall angeblich erklärte, mit einem HFT/Arbitrage-Bot etwa $2,000 pro Tag verdienen zu können, den erfolgreichen Launch des Opfers sehen zu wollen und das Tool dafür stark erweitert zu haben.

Dieser Screenshot macht die HFT/Arbitrage-Behauptung zu einem sichtbaren Chat-Beleg und sollte mit UTC-Zeitstempel, Quellenkontext und möglichst dem originalen Telegram-Export gesichert werden.

Behauptete Trading-FähigkeitHFT / Arbitrage-Bot-EinkommensbehauptungGemeldete Aussage: etwa $2,000 pro Tag durch hochfrequente Arbitrage-Bot-Aktivität.

Zeitpunkt des Tool-UpgradesStunden vor dem VorfallDie Upgrade-Aussage ging dem späteren Fondsverlust und den On-chain-Tracing-Ergebnissen unmittelbar voraus.

Kontext verbundener WalletEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgHigh-Balance-Arbitrage/API-Wallet, die später durch Wallet-Cluster-TX-Beweise verbunden wurde.

Warum diese Aussage wichtig ist

Sie verbindet behauptete technische Fähigkeiten, HFT/Arbitrage-Infrastruktur, ein kurzfristiges Tool-Upgrade und die spätere On-chain-Fund-Flow-Route.
Kurz nach dem behaupteten Upgrade ereignete sich der Vorfall, und die TX-Beweise verbanden die Victim-Fund-Route mit der High-Balance-Arbitrage/API-Wallet.
Das Timing begründet ernste Sorge, dass das Tool-Upgrade versteckte bösartige Logik, unbefugte Zugriffsfähigkeit, Wallet/Key-Handling-Missbrauch oder einen backdoor-ähnlichen Mechanismus enthalten haben könnte.
Dieser Abschnitt dokumentiert die Aussage als Ermittlungsansatz, der eine forensische Prüfung des gelieferten Quellcodes, VPS/Server-Logs, Deployment-Historie, Umgebungsvariablen, Wallet/Key-Handling-Logik und ausgehender Netzwerkaufrufe erfordert.

Dieser Bericht stützt sich nicht allein auf die Aussage als Beweis für eine Code-Kompromittierung. Die Bedeutung ergibt sich aus der kombinierten Zeitachse: HFT/Arbitrage-Behauptung vor dem Vorfall, Tool-Upgrade-Aussage, vertrauensbasierter Entwickler/Server-Zugriff, Nichtreaktion nach dem Vorfall und spätere Solscan-Wallet-Cluster-Beweise.

threat

Bedrohungsmodell und vermuteter Monetarisierungspfad

Soldrift, Telegram @devbeast5775 und verbundene Aliase sollten bis zur unabhängigen forensischen Entlastung als schwerer Sicherheitsrisiko-Cluster behandelt werden.
Jedes Tool, das PRIVATE_KEY, Seed Phrase, gefüllte Wallet, RPC-Zugangsdaten, GRPC_TOKEN, Exchange-API, Server-Admin-Zugriff oder Wallet-Export verlangt, ist als unsicher zu behandeln.
Alle Zeitstempel sollten in UTC für Screenshots, Transaktionen, Commits, Archive und Updates aufgezeichnet werden.
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

Technische Warnsignale

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

Asien-Pazifik-Warnhinweis

Soldrift, Telegram @devbeast5775 und verbundene Aliase sollten bis zur unabhängigen forensischen Entlastung als schwerer Sicherheitsrisiko-Cluster behandelt werden.
Jedes Tool, das PRIVATE_KEY, Seed Phrase, gefüllte Wallet, RPC-Zugangsdaten, GRPC_TOKEN, Exchange-API, Server-Admin-Zugriff oder Wallet-Export verlangt, ist als unsicher zu behandeln.
Alle Zeitstempel sollten in UTC für Screenshots, Transaktionen, Commits, Archive und Updates aufgezeichnet werden.
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

Reverse-Tracking-Suchindex

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

Sofortige Sicherheitsmaßnahmen

Soldrift, Telegram @devbeast5775 und verbundene Aliase sollten bis zur unabhängigen forensischen Entlastung als schwerer Sicherheitsrisiko-Cluster behandelt werden.
Jedes Tool, das PRIVATE_KEY, Seed Phrase, gefüllte Wallet, RPC-Zugangsdaten, GRPC_TOKEN, Exchange-API, Server-Admin-Zugriff oder Wallet-Export verlangt, ist als unsicher zu behandeln.
Alle Zeitstempel sollten in UTC für Screenshots, Transaktionen, Commits, Archive und Updates aufgezeichnet werden.
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

Beweissicherungsprotokoll

Soldrift, Telegram @devbeast5775 und verbundene Aliase sollten bis zur unabhängigen forensischen Entlastung als schwerer Sicherheitsrisiko-Cluster behandelt werden.
Jedes Tool, das PRIVATE_KEY, Seed Phrase, gefüllte Wallet, RPC-Zugangsdaten, GRPC_TOKEN, Exchange-API, Server-Admin-Zugriff oder Wallet-Export verlangt, ist als unsicher zu behandeln.
Alle Zeitstempel sollten in UTC für Screenshots, Transaktionen, Commits, Archive und Updates aufgezeichnet werden.
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

Öffentliche Prüflinks

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

Gebruiker-gerapporteerde scam-waarskuwing · UTC OSINT-indeks

Soldrift / devbeast5775
Soldrift / devbeast5775 sekuriteitswaarskuwing en OSINT-indeks

Hoëdigtheid openbare verslag oor Soldrift, Telegram @devbeast5775, GitHub-spore, Solana HFT/sniper/arbitrage tools, KuCoin-gekoppelde Solscan wallet-leidraad en wallet/key veiligheidsaksies.

Warning Evidence Actions

KENNISGEWING / KERNINDEKS

Hierdie verslag teken ’n gebruiker-gerapporteerde scam-, drain-, phishing-tool- en malicious backdoor-system waarskuwing aan wat sedert Mei 2026 gevolg word. Dit bewaar ingediende skermgrepe, openbare GitHub-spore, openbare blockchain-leidrade en Solana-ekosisteem risiko-aanwysers in UTC.

DoelOpenbare sekuriteitswaarskuwing vir gebruikers wat hoërisiko Solana trading tools kan oopmaak, koop, uitvoer of deploy.

IdentifiseerdersSoldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

BedreigingWallet drainers, phishing-style tools, private-key exposure, malicious backdoors en HFT/sniper/arbitrage bot risk.

BewysbasisIngediende profielbeelde, Solscan-skermgreep, openbare GitHub-spore, openbare repository/tool categories en wallet lead.

Kernindeks: Telegram handle, GitHub alias cluster, Solscan wallet lead, KuCoin-linked transfer rows, Solana HFT/sniper/arbitrage tooling, private-key exposure en nood-mitigation steps.

Mei 2026 trackingUTC recordSolana waarskuwingDrain/phishing risikoPrivate-key veiligheidOSINT bewysindeks

overview

Kernwaarskuwing

Soldrift, Telegram @devbeast5775 en verwante aliasse moet as ’n ernstige sekuriteitsrisiko-kluster behandel word totdat onafhanklike forensiese oudit dit skoon verklaar.
Enige tool wat PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access of wallet export capability vra, moet as onveilig beskou word.
Alle tydstempels moet in UTC aangeteken word vir skermgrepe, transaksies, commits, argiewe en opdaterings.
Alle tydstempels moet in UTC aangeteken word vir skermgrepe, transaksies, commits, argiewe en opdaterings.

identity

Identiteit- en aliasindeks

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

Ingediende bewyse

Soldrift, Telegram @devbeast5775 en verwante aliasse moet as ’n ernstige sekuriteitsrisiko-kluster behandel word totdat onafhanklike forensiese oudit dit skoon verklaar.
Enige tool wat PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access of wallet export capability vra, moet as onveilig beskou word.
Alle tydstempels moet in UTC aangeteken word vir skermgrepe, transaksies, commits, argiewe en opdaterings.
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

GitHub- en tool-clusterindeks

Soldrift, Telegram @devbeast5775 en verwante aliasse moet as ’n ernstige sekuriteitsrisiko-kluster behandel word totdat onafhanklike forensiese oudit dit skoon verklaar.
Enige tool wat PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access of wallet export capability vra, moet as onveilig beskou word.
Alle tydstempels moet in UTC aangeteken word vir skermgrepe, transaksies, commits, argiewe en opdaterings.
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Solscan wallet en KuCoin-gekoppelde leidraad

Soldrift, Telegram @devbeast5775 en verwante aliasse moet as ’n ernstige sekuriteitsrisiko-kluster behandel word totdat onafhanklike forensiese oudit dit skoon verklaar.
Enige tool wat PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access of wallet export capability vra, moet as onveilig beskou word.
Alle tydstempels moet in UTC aangeteken word vir skermgrepe, transaksies, commits, argiewe en opdaterings.
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

on-chain TX-bewyse

Bevestigde on-chain wallet-cluster-bewyse

Nuwe Solscan-transaksiebewyse verbind die gerapporteerde slagofferfonds-ontvangswallet, ’n intermediêre routing-wallet, en ’n hoë-saldo arbitrage/API-style wallet in dieselfde operasionele fonds-vloei-kluster.

Slagofferfonds-ontvangswalletE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgiWallet waar die gesteelde fondse volgens die verslag ingegaan het.

Intermediêre / routing-walletGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4LWallet wat gebruik is in die waargenome oordragroete ná die slagofferfonds-wallet.

Hoë-saldo arbitrage / API-style walletEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgWallet wat volgens die verslag meer as USD 30,000 op waarnemingstyd gehou het en daarna geoutomatiseerde/arbitrage-style aktiwiteit gewys het.

Waargenome fonds-vloei-roete

Gerapporteerde vloei: slagofferfondse het in die eerste wallet ingegaan, deur die intermediêre wallet beweeg, en is deur die gelyste TXIDs verbind aan aktiwiteit wat die hoë-saldo arbitrage/API-style wallet betrek.

Transaksiebewyse

Item	Solscan transaksie / account link	Relevansie
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	Ingediende TXID vir die gerapporteerde fonds-vloei-roete wat die slagofferfonds-kluster met die arbitrage/API-style wallet-aktiwiteit verbind.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	Ingediende TXID vir die gerapporteerde fonds-vloei-roete wat die slagofferfonds-kluster met die arbitrage/API-style wallet-aktiwiteit verbind.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	Ingediende TXID vir die gerapporteerde fonds-vloei-roete wat die slagofferfonds-kluster met die arbitrage/API-style wallet-aktiwiteit verbind.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	Accountblad van die hoë-saldo wallet wat met die ingediende TX-bewyse verbind is.

Compliance-betekenis

Hierdie bewyse moet as ’n direkte on-chain operasionele skakel hersien word, nie as ’n afsonderlike hofbevinding nie. Dit ondersteun sterk dat die slagofferfonds-wallet, intermediêre wallet en arbitrage/API-style wallet as ’n gekoppelde wallet-kluster behandel word vir exchange compliance, bewysbewaring deur wetstoepassing, en scam-report review.

Hersien of hierdie wallets met dieselfde KuCoin account, API credentials, KYC profile, IP/device logs, deposit records, withdrawal records, linked accounts, of trading infrastructure verbind is.
Bewaar die presiese TXIDs, Solscan links, timestamps, sender/receiver rows, amounts, screenshots, en enige signer/fee-payer/actor fields wat in transaksiebesonderhede sigbaar is.

voorval-vooraf verklaring

HFT-arbitragebot-eis en tool-opgradering verklaring voor die voorval

'n Nuut bygevoegde gebruiker-gerapporteerde tydlynitem teken aan dat die gerapporteerde persoon, slegs ure voor die voorval, na bewering gesê het dat hy ongeveer $2,000 per dag deur 'n HFT/arbitragebot kan verdien, dat hy die slagoffer se bekendstelling wou sien slaag, en dat hy die tool grootliks opgegradeer het vir daardie doel.

Hierdie skermskoot maak die HFT/arbitrage-aanspraak ’n sigbare kletsbewys en moet met UTC-tydstempel, bronkonteks en die oorspronklike Telegram-uitvoer bewaar word indien beskikbaar.

Beweerde handelsvermoëHFT / arbitragebot inkomste-eisGerapporteerde verklaring: ongeveer $2,000 per dag uit hoëfrekwensie arbitrage-styl botaktiwiteit.

Tool-opgradering tydsberekeningUre voor die voorvalDie opgradering-verklaring het die fondsverlies en on-chain naspoorbevindinge onmiddellik voorafgegaan.

Verbonde wallet-konteksEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgHoëbalans arbitrage/API-styl wallet wat later deur die wallet-cluster TX-bewyse gekoppel is.

Hoekom hierdie verklaring belangrik is

Die verklaring verbind beweerde tegniese vermoë, HFT/arbitrage-infrastruktuur, 'n laaste-oomblik tool-opgradering en die latere on-chain fondsroete.
Kort ná die beweerde opgradering het die voorval plaasgevind, en die TX-bewyse het die slagoffer-fondsroete met die hoëbalans arbitrage/API-styl wallet verbind.
Die tydsberekening wek ernstige kommer dat die tool-opgradering versteekte kwaadwillige logika, ongemagtigde toegang, wallet/key-handling misbruik of 'n backdoor-agtige meganisme kon bevat.
Hierdie afdeling teken die verklaring aan as 'n ondersoekleidraad wat forensiese hersiening van die gelewerde bronkode, VPS/bedienerlogs, deployment-geskiedenis, omgewingsveranderlikes, wallet/key-handling logika en uitgaande netwerkoproepe vereis.

Hierdie verslag gebruik nie die verklaring alleen as bewys van kodevlak-kompromie nie. Die belang kom uit die gekombineerde tydlyn: HFT/arbitrage-eis voor die voorval, tool-opgradering verklaring, vertroude ontwikkelaar/bediener-toegang, geen reaksie ná die voorval, en Solscan wallet-cluster-bewyse.

threat

Bedreigingsmodel en vermoedelike monetiseringspad

Soldrift, Telegram @devbeast5775 en verwante aliasse moet as ’n ernstige sekuriteitsrisiko-kluster behandel word totdat onafhanklike forensiese oudit dit skoon verklaar.
Enige tool wat PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access of wallet export capability vra, moet as onveilig beskou word.
Alle tydstempels moet in UTC aangeteken word vir skermgrepe, transaksies, commits, argiewe en opdaterings.
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

Tegniese gevaarseine

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

Asië-Stille Oseaan waarskuwing

Soldrift, Telegram @devbeast5775 en verwante aliasse moet as ’n ernstige sekuriteitsrisiko-kluster behandel word totdat onafhanklike forensiese oudit dit skoon verklaar.
Enige tool wat PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access of wallet export capability vra, moet as onveilig beskou word.
Alle tydstempels moet in UTC aangeteken word vir skermgrepe, transaksies, commits, argiewe en opdaterings.
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

Omgekeerde opsporing soekindeks

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

Onmiddellike veiligheidsaksies

Soldrift, Telegram @devbeast5775 en verwante aliasse moet as ’n ernstige sekuriteitsrisiko-kluster behandel word totdat onafhanklike forensiese oudit dit skoon verklaar.
Enige tool wat PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access of wallet export capability vra, moet as onveilig beskou word.
Alle tydstempels moet in UTC aangeteken word vir skermgrepe, transaksies, commits, argiewe en opdaterings.
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

Bewysbewaringsprotokol

Soldrift, Telegram @devbeast5775 en verwante aliasse moet as ’n ernstige sekuriteitsrisiko-kluster behandel word totdat onafhanklike forensiese oudit dit skoon verklaar.
Enige tool wat PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access of wallet export capability vra, moet as onveilig beskou word.
Alle tydstempels moet in UTC aangeteken word vir skermgrepe, transaksies, commits, argiewe en opdaterings.
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

Openbare verifikasieskakels

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

Alerta de golpe reportado por usuário · índice OSINT UTC

Soldrift / devbeast5775
Alerta de segurança e índice OSINT Soldrift / devbeast5775

Relatório público denso sobre Soldrift, Telegram @devbeast5775, rastros GitHub, ferramentas Solana HFT/sniper/arbitrage, pista Solscan ligada à KuCoin e ações de segurança wallet/chaves.

Warning Evidence Actions

AVISO / ÍNDICE CENTRAL

Este relatório registra uma advertência, reportada por usuários e rastreada desde maio de 2026, sobre scam, drain, ferramentas de phishing e sistemas de backdoor maliciosos. Ele preserva em UTC capturas enviadas, rastros públicos do GitHub, pistas públicas de blockchain e indicadores de risco do ecossistema Solana.

ObjetivoAlerta público de segurança para usuários que possam acessar, comprar, executar ou implantar ferramentas de trading Solana de alto risco.

IdentificadoresSoldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

AmeaçaWallet drainers, ferramentas tipo phishing, exposição de chave privada, backdoors maliciosos e risco HFT/sniper/arbitrage.

Base de evidênciaImagens de perfil enviadas, captura Solscan, rastros públicos do GitHub, categorias públicas de ferramentas e pista wallet.

Índice central: handle Telegram, cluster de aliases GitHub, pista wallet Solscan, linhas de transferência ligadas à KuCoin, ferramentas Solana HFT/sniper/arbitrage, exposição de chave privada e medidas urgentes.

Rastreamento maio 2026Registro UTCAlerta SolanaRisco drain/phishingSegurança da chave privadaÍndice OSINT

overview

Alerta executivo

Soldrift, Telegram @devbeast5775 e aliases relacionados devem ser tratados como um cluster de risco severo até liberação por auditoria forense independente.
Qualquer ferramenta que peça PRIVATE_KEY, seed phrase, wallet com fundos, credenciais RPC, GRPC_TOKEN, API de exchange, acesso administrador ao servidor ou exportação de wallet deve ser considerada insegura.
Todos os timestamps devem ser registrados em UTC para capturas, transações, commits, arquivos e atualizações.
Todos os timestamps devem ser registrados em UTC para capturas, transações, commits, arquivos e atualizações.

identity

Índice de identidade e aliases

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

Evidências enviadas

Soldrift, Telegram @devbeast5775 e aliases relacionados devem ser tratados como um cluster de risco severo até liberação por auditoria forense independente.
Qualquer ferramenta que peça PRIVATE_KEY, seed phrase, wallet com fundos, credenciais RPC, GRPC_TOKEN, API de exchange, acesso administrador ao servidor ou exportação de wallet deve ser considerada insegura.
Todos os timestamps devem ser registrados em UTC para capturas, transações, commits, arquivos e atualizações.
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

Índice GitHub e cluster de ferramentas

Soldrift, Telegram @devbeast5775 e aliases relacionados devem ser tratados como um cluster de risco severo até liberação por auditoria forense independente.
Qualquer ferramenta que peça PRIVATE_KEY, seed phrase, wallet com fundos, credenciais RPC, GRPC_TOKEN, API de exchange, acesso administrador ao servidor ou exportação de wallet deve ser considerada insegura.
Todos os timestamps devem ser registrados em UTC para capturas, transações, commits, arquivos e atualizações.
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Wallet Solscan e pista ligada à KuCoin

Soldrift, Telegram @devbeast5775 e aliases relacionados devem ser tratados como um cluster de risco severo até liberação por auditoria forense independente.
Qualquer ferramenta que peça PRIVATE_KEY, seed phrase, wallet com fundos, credenciais RPC, GRPC_TOKEN, API de exchange, acesso administrador ao servidor ou exportação de wallet deve ser considerada insegura.
Todos os timestamps devem ser registrados em UTC para capturas, transações, commits, arquivos e atualizações.
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

evidência TX on-chain

Evidência confirmada de cluster de wallets on-chain

Novas evidências de transações Solscan conectam a wallet receptora dos fundos da vítima, uma wallet intermediária de roteamento e uma wallet de alto saldo estilo arbitragem/API no mesmo cluster operacional de fluxo de fundos.

Wallet receptora dos fundos da vítimaE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgiWallet relatada como o local onde os fundos roubados entraram.

Wallet intermediária / de roteamentoGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4LWallet usada na rota de transferência observada após a wallet dos fundos da vítima.

Wallet de alto saldo estilo arbitragem / APIEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgWallet relatada como tendo mais de USD 30.000 no momento da observação e depois exibindo atividade automatizada/de arbitragem.

Rota observada de fluxo de fundos

Fluxo relatado: os fundos da vítima entraram na primeira wallet, passaram pela wallet intermediária e são conectados pelos TXIDs listados à atividade envolvendo a wallet de alto saldo estilo arbitragem/API.

Evidência de transações

Item	Transação / conta Solscan	Relevância
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	TXID enviado para a rota de fluxo de fundos relatada, conectando o cluster de fundos da vítima à atividade da wallet estilo arbitragem/API.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	TXID enviado para a rota de fluxo de fundos relatada, conectando o cluster de fundos da vítima à atividade da wallet estilo arbitragem/API.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	TXID enviado para a rota de fluxo de fundos relatada, conectando o cluster de fundos da vítima à atividade da wallet estilo arbitragem/API.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	Página da conta da wallet de alto saldo conectada às evidências TX enviadas.

Importância para compliance

Esta evidência deve ser revisada como um vínculo operacional direto on-chain, não como uma conclusão judicial isolada. Ela apoia fortemente tratar a wallet dos fundos da vítima, a wallet intermediária e a wallet estilo arbitragem/API como um cluster conectado para compliance de exchanges, preservação por autoridades e revisão de denúncia de scam.

Revisar se essas wallets estão conectadas à mesma conta KuCoin, credenciais API, perfil KYC, logs de IP/dispositivo, registros de depósito, registros de saque, contas vinculadas ou infraestrutura de trading.
Preservar TXIDs exatos, links Solscan, timestamps, linhas de remetente/recebedor, valores, capturas e quaisquer campos signer/fee-payer/actor visíveis nos detalhes da transação.

declaração pré-incidente

Declaração de bot HFT/arbitragem e upgrade da ferramenta antes do incidente

Um novo item de linha do tempo relatado pelo usuário registra que, apenas horas antes do incidente, a pessoa reportada teria afirmado que poderia ganhar aproximadamente $2,000 por dia com um bot HFT/arbitragem, disse que queria ver o lançamento da vítima ter sucesso e afirmou que havia feito um grande upgrade na ferramenta para esse objetivo.

Esta captura transforma a alegação de HFT/arbitragem em uma prova visível de chat e deve ser preservada com horário UTC, contexto da fonte e exportação original do Telegram, se disponível.

Capacidade de trading alegadaDeclaração de renda com bot HFT / arbitragemDeclaração relatada: aproximadamente $2,000 por dia com atividade de bot de arbitragem de alta frequência.

Momento do upgradeHoras antes do incidenteA declaração de upgrade imediatamente precedeu o evento de perda de fundos e os achados de rastreamento on-chain.

Contexto de carteira conectadaEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgCarteira de alto saldo estilo arbitragem/API posteriormente vinculada pela evidência TX do cluster de carteiras.

Por que essa declaração importa

A declaração liga a capacidade técnica alegada, infraestrutura HFT/arbitragem, upgrade de ferramenta de última hora e a rota posterior de fundos on-chain.
Pouco depois do upgrade alegado, o incidente ocorreu, e a evidência TX conectou a rota de fundos da vítima à carteira de alto saldo estilo arbitragem/API.
O timing gera séria preocupação de que o upgrade da ferramenta possa ter incluído lógica maliciosa oculta, capacidade de acesso não autorizado, abuso de manuseio de wallet/key ou mecanismo semelhante a backdoor.
Esta seção registra a declaração como pista investigativa que requer revisão forense do código-fonte entregue, logs de VPS/servidor, histórico de deploy, variáveis de ambiente, lógica de wallet/key-handling e chamadas de rede de saída.

Este relatório não usa a declaração sozinha como prova de comprometimento em nível de código. A importância vem da linha do tempo combinada: alegação HFT/arbitragem pré-incidente, declaração de upgrade da ferramenta, acesso confiado de desenvolvedor/servidor, ausência de resposta pós-incidente e evidência de cluster de carteiras Solscan.

threat

Modelo de ameaça e monetização suspeita

Soldrift, Telegram @devbeast5775 e aliases relacionados devem ser tratados como um cluster de risco severo até liberação por auditoria forense independente.
Qualquer ferramenta que peça PRIVATE_KEY, seed phrase, wallet com fundos, credenciais RPC, GRPC_TOKEN, API de exchange, acesso administrador ao servidor ou exportação de wallet deve ser considerada insegura.
Todos os timestamps devem ser registrados em UTC para capturas, transações, commits, arquivos e atualizações.
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

Sinais técnicos de risco

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

Aviso Ásia-Pacífico

Soldrift, Telegram @devbeast5775 e aliases relacionados devem ser tratados como um cluster de risco severo até liberação por auditoria forense independente.
Qualquer ferramenta que peça PRIVATE_KEY, seed phrase, wallet com fundos, credenciais RPC, GRPC_TOKEN, API de exchange, acesso administrador ao servidor ou exportação de wallet deve ser considerada insegura.
Todos os timestamps devem ser registrados em UTC para capturas, transações, commits, arquivos e atualizações.
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

Índice de busca reversa

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

Ações imediatas de segurança

Soldrift, Telegram @devbeast5775 e aliases relacionados devem ser tratados como um cluster de risco severo até liberação por auditoria forense independente.
Qualquer ferramenta que peça PRIVATE_KEY, seed phrase, wallet com fundos, credenciais RPC, GRPC_TOKEN, API de exchange, acesso administrador ao servidor ou exportação de wallet deve ser considerada insegura.
Todos os timestamps devem ser registrados em UTC para capturas, transações, commits, arquivos e atualizações.
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

Protocolo de preservação de evidências

Soldrift, Telegram @devbeast5775 e aliases relacionados devem ser tratados como um cluster de risco severo até liberação por auditoria forense independente.
Qualquer ferramenta que peça PRIVATE_KEY, seed phrase, wallet com fundos, credenciais RPC, GRPC_TOKEN, API de exchange, acesso administrador ao servidor ou exportação de wallet deve ser considerada insegura.
Todos os timestamps devem ser registrados em UTC para capturas, transações, commits, arquivos e atualizações.
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

Links públicos de verificação

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

تحذير احتيال مبلّغ من مستخدم · فهرس OSINT بتوقيت UTC

Soldrift / devbeast5775
تحذير أمني وفهرس OSINT حول Soldrift / devbeast5775

تقرير عام مكثف حول Soldrift وTelegram @devbeast5775 وآثار GitHub وأدوات Solana HFT/sniper/arbitrage ودليل محفظة Solscan المرتبط بـ KuCoin وإجراءات أمان المحفظة/المفاتيح.

Warning Evidence Actions

إشعار / فهرس أساسي

يسجل هذا التقرير تحذيراً مبلّغاً من مستخدمين حول scam وdrain وأدوات phishing وأنظمة backdoor خبيثة يتم تتبعها منذ مايو 2026. ويحفظ اللقطات المقدمة وآثار GitHub العامة وأدلة blockchain العامة ومؤشرات مخاطر نظام Solana بتوقيت UTC.

هدف التقريرتحذير أمان عام للمستخدمين الذين قد يصلون إلى أدوات تداول Solana عالية الخطورة أو يشترونها أو يشغلونها أو ينشرونها.

المعرّفات الأساسيةSoldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

محور التهديدWallet drainers وأدوات تشبه phishing وتعرّض private keys وbackdoors خبيثة ومخاطر HFT/sniper/arbitrage bot.

أساس الأدلةصور ملف شخصي مقدمة ولقطة Solscan وآثار GitHub عامة وفئات repository/tool عامة ودليل wallet.

الفهرس الأساسي: Telegram handle وGitHub alias cluster وSolscan wallet lead وصفوف تحويل مرتبطة بـ KuCoin وأدوات Solana HFT/sniper/arbitrage وتعرّض private keys وخطوات التخفيف العاجلة.

تتبع منذ مايو 2026سجل UTCتحذير Solanaخطر drain/phishingأمان private keyفهرس OSINT

overview

تحذير تنفيذي

يجب التعامل مع Soldrift وTelegram @devbeast5775 والأسماء المرتبطة ككتلة خطر أمني شديد إلى أن يثبت تدقيق جنائي رقمي مستقل العكس.
أي أداة تطلب PRIVATE_KEY أو seed phrase أو محفظة ممولة أو بيانات RPC أو GRPC_TOKEN أو API منصة أو صلاحيات مدير خادم أو تصدير المحفظة يجب اعتبارها غير آمنة.
يجب تسجيل كل الطوابع الزمنية بتوقيت UTC للقطات الشاشة والمعاملات والالتزامات والأرشيفات والتحديثات.
يجب تسجيل كل الطوابع الزمنية بتوقيت UTC للقطات الشاشة والمعاملات والالتزامات والأرشيفات والتحديثات.

identity

فهرس الهوية والأسماء البديلة

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

الأدلة المقدمة

يجب التعامل مع Soldrift وTelegram @devbeast5775 والأسماء المرتبطة ككتلة خطر أمني شديد إلى أن يثبت تدقيق جنائي رقمي مستقل العكس.
أي أداة تطلب PRIVATE_KEY أو seed phrase أو محفظة ممولة أو بيانات RPC أو GRPC_TOKEN أو API منصة أو صلاحيات مدير خادم أو تصدير المحفظة يجب اعتبارها غير آمنة.
يجب تسجيل كل الطوابع الزمنية بتوقيت UTC للقطات الشاشة والمعاملات والالتزامات والأرشيفات والتحديثات.
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

فهرس GitHub ومجموعة الأدوات

يجب التعامل مع Soldrift وTelegram @devbeast5775 والأسماء المرتبطة ككتلة خطر أمني شديد إلى أن يثبت تدقيق جنائي رقمي مستقل العكس.
أي أداة تطلب PRIVATE_KEY أو seed phrase أو محفظة ممولة أو بيانات RPC أو GRPC_TOKEN أو API منصة أو صلاحيات مدير خادم أو تصدير المحفظة يجب اعتبارها غير آمنة.
يجب تسجيل كل الطوابع الزمنية بتوقيت UTC للقطات الشاشة والمعاملات والالتزامات والأرشيفات والتحديثات.
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

محفظة Solscan ودليل مرتبط بـ KuCoin

يجب التعامل مع Soldrift وTelegram @devbeast5775 والأسماء المرتبطة ككتلة خطر أمني شديد إلى أن يثبت تدقيق جنائي رقمي مستقل العكس.
أي أداة تطلب PRIVATE_KEY أو seed phrase أو محفظة ممولة أو بيانات RPC أو GRPC_TOKEN أو API منصة أو صلاحيات مدير خادم أو تصدير المحفظة يجب اعتبارها غير آمنة.
يجب تسجيل كل الطوابع الزمنية بتوقيت UTC للقطات الشاشة والمعاملات والالتزامات والأرشيفات والتحديثات.
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

دليل معاملات on-chain

دليل مؤكد لمجموعة محافظ على السلسلة

تربط أدلة معاملات Solscan الجديدة بين محفظة استلام أموال الضحية المبلّغ عنها، ومحفظة وسيطة للتوجيه، ومحفظة عالية الرصيد من نمط arbitrage/API ضمن مجموعة تشغيلية واحدة لتدفق الأموال.

محفظة استلام أموال الضحيةE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgiالمحفظة التي أُبلغ أن الأموال المسروقة دخلت إليها.

محفظة وسيطة / توجيهGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4Lمحفظة استُخدمت في مسار التحويل المرصود بعد محفظة أموال الضحية.

محفظة عالية الرصيد من نمط arbitrage / APIEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgمحفظة أُبلغ أنها احتوت على أكثر من 30,000 دولار وقت الرصد ثم أظهرت نشاطاً آلياً/تحكيمياً.

مسار تدفق الأموال المرصود

التدفق المبلّغ عنه: دخلت أموال الضحية إلى المحفظة الأولى، ثم مرت عبر المحفظة الوسيطة، وترتبط عبر TXIDs المدرجة بنشاط يشمل المحفظة عالية الرصيد من نمط arbitrage/API.

أدلة المعاملات

العنصر	رابط معاملة / حساب Solscan	الأهمية
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	TXID مقدّم لمسار تدفق الأموال المبلّغ عنه الذي يربط مجموعة أموال الضحية بنشاط المحفظة من نمط arbitrage/API.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	TXID مقدّم لمسار تدفق الأموال المبلّغ عنه الذي يربط مجموعة أموال الضحية بنشاط المحفظة من نمط arbitrage/API.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	TXID مقدّم لمسار تدفق الأموال المبلّغ عنه الذي يربط مجموعة أموال الضحية بنشاط المحفظة من نمط arbitrage/API.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	صفحة حساب المحفظة عالية الرصيد المرتبطة بأدلة TX المقدمة.

الأهمية للامتثال

ينبغي مراجعة هذا الدليل كرابط تشغيلي مباشر على السلسلة، وليس كحكم قضائي مستقل. وهو يدعم بقوة التعامل مع محفظة أموال الضحية والمحفظة الوسيطة ومحفظة arbitrage/API كمجموعة محافظ مرتبطة لأغراض امتثال المنصات وحفظ الأدلة لدى جهات إنفاذ القانون ومراجعة بلاغات الاحتيال.

مراجعة ما إذا كانت هذه المحافظ مرتبطة بحساب KuCoin نفسه أو بيانات API أو ملف KYC أو سجلات IP/الأجهزة أو سجلات الإيداع أو السحب أو الحسابات المرتبطة أو بنية التداول.
حفظ TXIDs الدقيقة وروابط Solscan والطوابع الزمنية وصفوف المرسل/المستلم والمبالغ واللقطات وأي حقول signer/fee-payer/actor ظاهرة في تفاصيل المعاملة.

تصريح قبل الحادثة

تصريح بوت HFT/المراجحة وترقية الأداة قبل الحادثة

يسجل عنصر جديد في الجدول الزمني المبلغ عنه من المستخدم أنه قبل الحادثة بساعات قليلة، زعم الشخص المبلغ عنه أنه يستطيع كسب حوالي $2,000 يومياً عبر بوت HFT/مراجحة، وقال إنه يريد رؤية إطلاق الضحية ينجح، وذكر أنه قام بترقية كبيرة للأداة لهذا الغرض.

تحول هذه اللقطة ادعاء HFT/المراجحة إلى دليل محادثة مرئي يجب حفظه مع توقيت UTC وسياق المصدر وتصدير Telegram الأصلي إن توفر.

القدرة التجارية المزعومةادعاء دخل بوت HFT / مراجحةالتصريح المبلغ عنه: حوالي $2,000 يومياً من نشاط بوت مراجحة عالي التردد.

توقيت ترقية الأداةقبل الحادثة بساعاتسبق تصريح الترقية مباشرةً حدث فقدان الأموال ونتائج التتبع على السلسلة.

سياق المحفظة المتصلةEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgمحفظة عالية الرصيد من نمط المراجحة/API تم ربطها لاحقاً بواسطة دليل TX لمجموعة المحافظ.

لماذا هذا التصريح مهم

يربط التصريح بين القدرة التقنية المزعومة، وبنية HFT/المراجحة، وترقية أداة في اللحظة الأخيرة، ومسار الأموال اللاحق على السلسلة.
بعد وقت قصير من الترقية المزعومة، وقعت الحادثة، وربط دليل TX مسار أموال الضحية بالمحفظة عالية الرصيد من نمط المراجحة/API.
يثير التوقيت قلقاً جدياً من أن ترقية الأداة ربما تضمنت منطقاً خبيثاً مخفياً، أو قدرة وصول غير مصرح بها، أو إساءة استخدام wallet/key-handling، أو آلية شبيهة بالباب الخلفي.
يسجل هذا القسم التصريح كدليل تحقيق يتطلب مراجعة جنائية للكود المصدري المسلم، وسجلات VPS/الخادم، وتاريخ النشر، ومتغيرات البيئة، ومنطق التعامل مع wallet/key، والاتصالات الشبكية الصادرة.

لا يعتمد هذا التقرير على التصريح وحده كدليل على اختراق مستوى الكود. تأتي أهميته من الجدول الزمني المركب: ادعاء HFT/المراجحة قبل الحادثة، تصريح ترقية الأداة، وصول المطور/الخادم الموثوق، عدم الرد بعد الحادثة، وأدلة Solscan الخاصة بمجموعة المحافظ.

threat

نموذج التهديد ومسار الربح المشتبه

يجب التعامل مع Soldrift وTelegram @devbeast5775 والأسماء المرتبطة ككتلة خطر أمني شديد إلى أن يثبت تدقيق جنائي رقمي مستقل العكس.
أي أداة تطلب PRIVATE_KEY أو seed phrase أو محفظة ممولة أو بيانات RPC أو GRPC_TOKEN أو API منصة أو صلاحيات مدير خادم أو تصدير المحفظة يجب اعتبارها غير آمنة.
يجب تسجيل كل الطوابع الزمنية بتوقيت UTC للقطات الشاشة والمعاملات والالتزامات والأرشيفات والتحديثات.
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

إشارات تقنية خطرة

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

تنبيه آسيا والمحيط الهادئ

يجب التعامل مع Soldrift وTelegram @devbeast5775 والأسماء المرتبطة ككتلة خطر أمني شديد إلى أن يثبت تدقيق جنائي رقمي مستقل العكس.
أي أداة تطلب PRIVATE_KEY أو seed phrase أو محفظة ممولة أو بيانات RPC أو GRPC_TOKEN أو API منصة أو صلاحيات مدير خادم أو تصدير المحفظة يجب اعتبارها غير آمنة.
يجب تسجيل كل الطوابع الزمنية بتوقيت UTC للقطات الشاشة والمعاملات والالتزامات والأرشيفات والتحديثات.
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

فهرس البحث العكسي

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

إجراءات أمان فورية

يجب التعامل مع Soldrift وTelegram @devbeast5775 والأسماء المرتبطة ككتلة خطر أمني شديد إلى أن يثبت تدقيق جنائي رقمي مستقل العكس.
أي أداة تطلب PRIVATE_KEY أو seed phrase أو محفظة ممولة أو بيانات RPC أو GRPC_TOKEN أو API منصة أو صلاحيات مدير خادم أو تصدير المحفظة يجب اعتبارها غير آمنة.
يجب تسجيل كل الطوابع الزمنية بتوقيت UTC للقطات الشاشة والمعاملات والالتزامات والأرشيفات والتحديثات.
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

بروتوكول حفظ الأدلة

يجب التعامل مع Soldrift وTelegram @devbeast5775 والأسماء المرتبطة ككتلة خطر أمني شديد إلى أن يثبت تدقيق جنائي رقمي مستقل العكس.
أي أداة تطلب PRIVATE_KEY أو seed phrase أو محفظة ممولة أو بيانات RPC أو GRPC_TOKEN أو API منصة أو صلاحيات مدير خادم أو تصدير المحفظة يجب اعتبارها غير آمنة.
يجب تسجيل كل الطوابع الزمنية بتوقيت UTC للقطات الشاشة والمعاملات والالتزامات والأرشيفات والتحديثات.
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

روابط تحقق عامة

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

User-reported scam warning · UTC OSINT index

Soldrift / devbeast5775
Soldrift / devbeast5775 सुरक्षा चेतावनी और OSINT index

Soldrift, Telegram @devbeast5775, GitHub traces, Solana HFT/sniper/arbitrage tools, KuCoin-linked Solscan wallet lead और wallet/key security actions पर dense public report.

Warning Evidence Actions

सूचना / मुख्य सूचकांक

यह रिपोर्ट मई 2026 से tracked user-reported scam, drain, phishing-tool और malicious backdoor-system warning को रिकॉर्ड करती है. यह submitted screenshots, public GitHub traces, public blockchain leads और Solana ecosystem risk indicators को UTC में preserve करती है.

उद्देश्यHigh-risk Solana trading tools तक access, buy, run या deploy करने वाले users के लिए public security warning.

मुख्य identifiersSoldrift · Telegram @devbeast5775 · whistledev411 · @whistle · @soldrift

Threat focusWallet drainers, phishing-style tools, private-key exposure, malicious backdoors और HFT/sniper/arbitrage bot risk.

Evidence basisSubmitted profile images, Solscan screenshot, public GitHub traces, public repository/tool categories और wallet lead.

Core index: Telegram handle, GitHub alias cluster, Solscan wallet lead, KuCoin-linked transfer rows, Solana HFT/sniper/arbitrage tooling, private-key exposure और emergency mitigation steps.

May 2026 trackingUTC recordSolana warningDrain/phishing riskPrivate-key safetyOSINT evidence index

overview

मुख्य चेतावनी

Soldrift, Telegram @devbeast5775 और related aliases को independent forensic audit से clear होने तक severe security-risk cluster माना जाना चाहिए.
PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access या wallet export capability मांगने वाला कोई भी tool unsafe माना जाना चाहिए.
Screenshots, transactions, commits, archives और updates के सभी timestamps UTC में रिकॉर्ड होने चाहिए.
Screenshots, transactions, commits, archives और updates के सभी timestamps UTC में रिकॉर्ड होने चाहिए.

identity

पहचान और alias index

Primary online identifierSoldriftMain name used in public GitHub and report context.

Key contact identifierTelegram @devbeast5775Primary handle emphasized for search, OSINT matching, and user warning.

Telegram URLt.me/devbeast5775Public contact trail requiring archival capture.

Related public tracewhistledev411 / @whistle / @soldriftPossible alias, migration, clone-path, or rebranding cluster to monitor.

Wallet leadEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgSolscan account lead submitted by the complainant.

Exchange-linked label observedKuCoin 2Visible in the submitted Solscan screenshot as a transaction counterparty label.

Time standardUTC onlyUse UTC for all event, commit, transaction, screenshot, and archive timestamps.

evidence

प्रस्तुत evidence

Soldrift, Telegram @devbeast5775 और related aliases को independent forensic audit से clear होने तक severe security-risk cluster माना जाना चाहिए.
PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access या wallet export capability मांगने वाला कोई भी tool unsafe माना जाना चाहिए.
Screenshots, transactions, commits, archives और updates के सभी timestamps UTC में रिकॉर्ड होने चाहिए.
Exhibit A, Exhibit B, and Exhibit C are preserved as submitted evidence records with UTC timestamps and secret redaction.

github

GitHub और tool-cluster index

Soldrift, Telegram @devbeast5775 और related aliases को independent forensic audit से clear होने तक severe security-risk cluster माना जाना चाहिए.
PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access या wallet export capability मांगने वाला कोई भी tool unsafe माना जाना चाहिए.
Screenshots, transactions, commits, archives और updates के सभी timestamps UTC में रिकॉर्ड होने चाहिए.
Monitor Soldrift, whistledev411, @whistle, @soldrift, repository deletion, 404 status, private conversion, renaming, clone path movement, and Telegram handle rotation.

Tool-category matrix

Launch tools	Pump.fun, PumpSwap, launch automation, bundler, first-buy, 0-block claims	High risk when combined with private keys or funded wallets.
Trading bots	HFT, sniper, arbitrage, MEV, copy-trading, wallet tracking	High risk when combined with live execution and hidden networking.
Volume tools	Raydium volume, Dexscreener trending, maker bots, multi-wallet automation	May indicate market-manipulation-like or abusive activity.
Exchange-linked tools	KuCoin API, exchange routing, arbitrage execution	Requires exchange key exposure; must be independently verified.
Phishing-like tools	Wallet connection, private-key input, casino/gambling bots, Axiom/Polymarket claims	Severe risk when secrets or funds are requested.

wallet

Solscan wallet और KuCoin-linked lead

Soldrift, Telegram @devbeast5775 और related aliases को independent forensic audit से clear होने तक severe security-risk cluster माना जाना चाहिए.
PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access या wallet export capability मांगने वाला कोई भी tool unsafe माना जाना चाहिए.
Screenshots, transactions, commits, archives और updates के सभी timestamps UTC में रिकॉर्ड होने चाहिए.
Solscan wallet lead: EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg. KuCoin-linked transfer rows are investigative leads only and require lawful blockchain analysis.

on-chain TX evidence

Confirmed on-chain wallet-cluster evidence

नई Solscan transaction evidence reported victim-fund receiving wallet, intermediate routing wallet, और high-balance arbitrage/API-style wallet को उसी operational fund-flow cluster में जोड़ती है.

Victim-fund receiving walletE8RcJDs3SaBP2udWy6bD7576zJ3WitfbVh16vgeqoAgiवह wallet जहाँ stolen funds आने की report की गई.

Intermediate / routing walletGLoyGTsJiS3iDAV66NNsiRWkm1VU6H6UjaywmNdaxs4LVictim-fund wallet के बाद observed transfer route में इस्तेमाल wallet.

High-balance arbitrage / API-style walletEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgObservation time पर reportedly USD 30,000 से अधिक रखने वाला और बाद में automated/arbitrage-style activity दिखाने वाला wallet.

Observed fund-flow route

Reported flow: victim funds पहले wallet में आए, intermediate wallet से route हुए, और listed TXIDs के माध्यम से high-balance arbitrage/API-style wallet activity से जुड़े.

Transaction evidence

Item	Solscan transaction / account link	Relevance
TX 1	33Jc35XrQwhFAZN93Gcsyi2a3Zb9ujgxNeSPcD2xUMzcQ3b18kqCUHHhUdzzAY5dNDgQHSfqFM7RshX7A4KvCnKW	Reported fund-flow route का submitted TXID, जो victim-fund cluster को arbitrage/API-style wallet activity से जोड़ता है.
TX 2	2Zm267N9eDAbvLX3WooJYmLc5YCkNKyBitV6CRn3HBApxEFHMc7tBuLtHXEcAjmjDhsDz3aBfEefK7HdKPuT8um7	Reported fund-flow route का submitted TXID, जो victim-fund cluster को arbitrage/API-style wallet activity से जोड़ता है.
TX 3	3beyL4Um4Wt9duWbCQrStySMdLF33k5QAP1h49VQkE6PTJaHtp36G3JGnTjmVDZ7RcY4z1v8C7ngnNnvHK9wkoqV	Reported fund-flow route का submitted TXID, जो victim-fund cluster को arbitrage/API-style wallet activity से जोड़ता है.
Efw account	EfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPg	Submitted TX evidence से connected high-balance wallet का account page.

Compliance significance

इस evidence को direct on-chain operational link के रूप में review किया जाना चाहिए, standalone court finding के रूप में नहीं. यह exchange compliance, law-enforcement preservation और scam-report review के लिए victim-fund wallet, intermediate wallet और arbitrage/API-style wallet को connected wallet cluster मानने का मजबूत आधार देता है.

Review करें कि क्या ये wallets same KuCoin account, API credentials, KYC profile, IP/device logs, deposit records, withdrawal records, linked accounts, या trading infrastructure से connected हैं.
Exact TXIDs, Solscan links, timestamps, sender/receiver rows, amounts, screenshots, और transaction details में दिखने वाले signer/fee-payer/actor fields को preserve करें.

घटना से पहले बयान

घटना से पहले HFT आर्बिट्राज बॉट दावा और टूल-अपग्रेड बयान

एक नए उपयोगकर्ता-रिपोर्टेड टाइमलाइन आइटम में दर्ज है कि घटना से केवल कुछ घंटे पहले रिपोर्ट किए गए व्यक्ति ने कथित रूप से कहा कि वह HFT/आर्बिट्राज बॉट से लगभग $2,000 प्रतिदिन कमा सकता है, वह पीड़ित के लॉन्च को सफल होते देखना चाहता है, और इसी उद्देश्य से उसने टूल को भारी रूप से अपग्रेड किया है।

यह screenshot HFT/arbitrage claim को केवल timeline allegation से visible chat exhibit में बदलता है; इसे UTC timestamp, source context और उपलब्ध हो तो original Telegram export के साथ सुरक्षित रखना चाहिए।

दावा की गई ट्रेडिंग क्षमताHFT / आर्बिट्राज बॉट आय दावारिपोर्टेड बयान: हाई-फ्रीक्वेंसी आर्बिट्राज-स्टाइल बॉट गतिविधि से लगभग $2,000 प्रतिदिन।

टूल-अपग्रेड का समयघटना से कुछ घंटे पहलेयह अपग्रेड बयान बाद की फंड-लॉस घटना और ऑन-chain ट्रेसिंग निष्कर्षों से ठीक पहले आया।

कनेक्टेड वॉलेट संदर्भEfwJn8cXCYhcGrsavxWSDbUFHPrCK9gvdCr6AVywFBPgहाई-बैलेंस आर्बिट्राज/API-स्टाइल वॉलेट जो बाद में वॉलेट-क्लस्टर TX प्रमाण से जुड़ा।

यह बयान क्यों महत्वपूर्ण है

यह बयान दावा की गई तकनीकी क्षमता, HFT/आर्बिट्राज इंफ्रास्ट्रक्चर, अंतिम समय के टूल अपग्रेड और बाद के ऑन-chain फंड-फ्लो रूट को जोड़ता है।
कथित अपग्रेड के तुरंत बाद घटना हुई, और TX प्रमाण ने पीड़ित-फंड रूट को हाई-बैलेंस आर्बिट्राज/API-स्टाइल वॉलेट से जोड़ा।
समय-क्रम गंभीर चिंता उठाता है कि टूल अपग्रेड में छिपा malicious logic, unauthorized access capability, wallet/key-handling abuse, या backdoor-like mechanism शामिल हो सकता था।
यह सेक्शन इस बयान को investigative lead के रूप में रिकॉर्ड करता है, जिसके लिए delivered source code, VPS/server logs, deployment history, environment variables, wallet/key-handling logic और outbound network calls की forensic review आवश्यक है।

यह रिपोर्ट केवल इस बयान को code-level compromise का प्रमाण नहीं मानती। महत्व संयुक्त टाइमलाइन से आता है: घटना से पहले HFT/आर्बिट्राज दावा, टूल-अपग्रेड बयान, trusted developer/server access, post-incident non-response, और बाद का Solscan wallet-cluster evidence।

threat

Threat model और suspected monetization path

Soldrift, Telegram @devbeast5775 और related aliases को independent forensic audit से clear होने तक severe security-risk cluster माना जाना चाहिए.
PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access या wallet export capability मांगने वाला कोई भी tool unsafe माना जाना चाहिए.
Screenshots, transactions, commits, archives और updates के सभी timestamps UTC में रिकॉर्ड होने चाहिए.
Suspected pattern: GitHub credibility, private Telegram sales, bot execution, private-key/API exposure, repository movement, and potential exchange-linked HFT/arbitrage monetization.

redflags

Technical red flags

PRIVATE_KEY or seed phrase request
Funded wallet request
KuCoin or exchange API key request
RPC key, GRPC_ENDPOINT, or GRPC_TOKEN request
Server root/admin access request
Encrypted or obfuscated bot package
Compiled binary without reproducible build instructions
Hidden outbound network request
Telegram or Discord webhook
Remote logging endpoint
Wallet export or key-transfer logic
Guaranteed profit, guaranteed speed, first-buy, or 0-block claim
Dexscreener trending or volume manipulation claim
Raydium volume or maker manipulation claim
Polymarket win-rate or prediction-market manipulation claim
Axiom trading advantage claim
Casino, gambling, wallet-drainer, or phishing-like bot claim

asia

Asia-Pacific caution notice

Soldrift, Telegram @devbeast5775 और related aliases को independent forensic audit से clear होने तक severe security-risk cluster माना जाना चाहिए.
PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access या wallet export capability मांगने वाला कोई भी tool unsafe माना जाना चाहिए.
Screenshots, transactions, commits, archives और updates के सभी timestamps UTC में रिकॉर्ड होने चाहिए.
Asia-Pacific users should treat this cluster as high risk while avoiding nationality assumptions or ethnic profiling.

tracking

Reverse-tracking search index

Soldrift devbeast5775Telegram @devbeast5775devbeast5775 Telegramt.me/devbeast5775Soldrift GitHubwhistledev411@whistle@soldriftSolana HFT bot warningSolana sniper bot warningSolana arbitrage bot warningSolana MEV bot warningSolana wallet tool scamSolana phishing tool warningKuCoin API arbitrage botKuCoin Solana arbitrageRaydium volume botDexscreener volume botDexscreener trending botPolymarket botPolymarket win-rate botAxiom trading botcasino phishing botwallet drainer warningJito bundler botYellowstone gRPC sniper botGRPC_TOKEN Solana botPRIVATE_KEY Solana botVPS root access developer scam

actions

Immediate security actions

Soldrift, Telegram @devbeast5775 और related aliases को independent forensic audit से clear होने तक severe security-risk cluster माना जाना चाहिए.
PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access या wallet export capability मांगने वाला कोई भी tool unsafe माना जाना चाहिए.
Screenshots, transactions, commits, archives और updates के सभी timestamps UTC में रिकॉर्ड होने चाहिए.
Do not use real funds. Rotate exposed keys. Remove unknown server access. Archive evidence with UTC timestamps.

preservation

Evidence preservation protocol

Soldrift, Telegram @devbeast5775 और related aliases को independent forensic audit से clear होने तक severe security-risk cluster माना जाना चाहिए.
PRIVATE_KEY, seed phrase, funded wallet, RPC credentials, GRPC_TOKEN, exchange API, server administrator access या wallet export capability मांगने वाला कोई भी tool unsafe माना जाना चाहिए.
Screenshots, transactions, commits, archives और updates के सभी timestamps UTC में रिकॉर्ड होने चाहिए.
Preserve public URLs, README text, commits, transaction hashes, profile screenshots, Solscan links, and report updates. Do not publish secrets or unrelated personal information.

sources

Public verification links

GitHub profile: Soldrift GitHub profile: whistledev411 Repository trace: pumpfun-copy-trading-bot Solscan account lead

Soldrift / devbeast5775Security Warning and OSINT Index

Executive warning

Identity and alias index

Submitted exhibits

GitHub and tool-cluster index

Tool-category matrix

Solscan wallet and KuCoin-linked lead

Confirmed on-chain wallet-cluster evidence

Observed fund-flow route

Transaction evidence

Compliance significance

Pre-incident HFT arbitrage bot claim and tool-upgrade statement

Why this statement matters

Threat model and suspected monetization path

Technical red flags

Asia-Pacific caution notice

Reverse-tracking search index

Immediate security actions

Evidence preservation protocol

Public verification links

Soldrift / devbeast5775보안 경고 및 OSINT 색인

핵심 경고

식별자 및 별칭 색인

제출 증거

GitHub 및 도구 클러스터 색인

Tool-category matrix

Solscan 지갑 및 KuCoin 연계 단서

확인된 온체인 지갑 클러스터 증거

관찰된 자금 흐름

트랜잭션 증거

컴플라이언스 중요성

사건 직전 HFT 차익거래봇 주장 및 툴 업그레이드 발언

이 발언이 중요한 이유

위협 모델 및 의심 수익화 경로

기술적 위험 신호

아시아·태평양 주의 경고

역추적 검색 색인

즉시 보안 조치

증거 보존 프로토콜

공개 검증 링크

Soldrift / devbeast5775Soldrift / devbeast5775 用户举报骗局安全警告和 OSINT 索引

核心警告

身份与别名索引

提交证据

GitHub 与工具集群索引

Tool-category matrix

Solscan 钱包与 KuCoin 关联线索

已确认的链上钱包集群证据

观察到的资金流路径

交易证据

合规重要性

事发前 HFT 套利机器人声明与工具升级说法

该声明的重要性

威胁模型与疑似获利路径

技术危险信号

亚太地区谨慎通知

反向追踪搜索索引

立即安全措施

证据保存协议

公开验证链接

Soldrift / devbeast5775Advertencia de seguridad y OSINT sobre Soldrift / devbeast5775

Advertencia ejecutiva

Índice de identidad y alias

Evidencias enviadas

Índice de GitHub y clúster de herramientas

Tool-category matrix

Wallet Solscan y pista vinculada a KuCoin

Evidencia confirmada de clúster de wallets on-chain

Ruta de flujo de fondos observada

Evidencia de transacciones

Importancia para cumplimiento

Declaración de bot HFT/arbitraje y actualización de herramienta antes del incidente

Por qué importa esta declaración

Modelo de amenaza y monetización sospechada

Señales técnicas de riesgo

Aviso de cautela Asia-Pacífico

Índice de búsqueda inversa

Acciones de seguridad inmediatas

Protocolo de preservación de evidencia

Enlaces públicos de verificación

Soldrift / devbeast5775
Security Warning and OSINT Index

Soldrift / devbeast5775
보안 경고 및 OSINT 색인

Soldrift / devbeast5775
Soldrift / devbeast5775 用户举报骗局安全警告和 OSINT 索引

Soldrift / devbeast5775
Advertencia de seguridad y OSINT sobre Soldrift / devbeast5775

Soldrift / devbeast5775
Предупреждение безопасности и OSINT по Soldrift / devbeast5775

Soldrift / devbeast5775
Soldrift / devbeast5775 Security Warning at OSINT Index

Soldrift / devbeast5775
Peringatan keamanan dan indeks OSINT Soldrift / devbeast5775

Soldrift / devbeast5775
Soldrift / devbeast5775 セキュリティ警告および OSINT 索引