A threat actor is attempting to sell a database allegedly containing user data from a collection of platforms known colloquially as the “Solana Trenches”, high-frequency trading environments for cryptocurrency and memecoins. The actor is offering the dataset on a cybercrime forum, claiming it originates from four distinct platforms within the Solana ecosystem.
The list of alleged victims whose data is being sold includes:
-
pump.fun (🌐): A widely used launchpad for creating and trading meme coins on the Solana blockchain.
-
gmgn.ai (🌐): An AI-powered trading bot and analytics platform used for tracking “smart money” and sniping token launches.
-
axiom.trade (🌐): A decentralized trading interface specializing in memecoins and perpetual futures on Solana.
-
padre.gg (🌐): A multi-chain trading terminal optimized for speed and memecoin transactions.
According to the actor, the dataset was collected within the last 60 days and has been “clean, de-duplicated” for sale. The allegedly compromised data includes:
-
218,000 Email addresses (Total count across all platforms)
-
75,000 from pump.fun
-
67,000 from gmgn.ai
-
59,000 from axiom.trade
-
17,000 from padre.gg
-












