The alleged mastermind behind the Solana memecoin protocol pump.fun exploit has been apprehended in London. British authorities arrested Jarett Dunn, a former contractor known online as @STACCoverflow, in the early hours of May 18.

The arrest followed a meticulous 26-hour intelligence operation initiated by a third-party stakeholder who had hired a private intelligence firm. The operation leveraged social media posts and other publicly available information to track Dunn’s whereabouts in London. Local operatives, or β€œauxiliaries,” were reportedly deployed in a massive search that eventually led them to the Middle Eight Hotel in Covent Garden. Dunn was found in a room at the hotel and taken into custody seven hours later.

Interestingly, the timing of his arrest coincided with his last social media post on X, where he hinted at his identity with the username @STACCoverflow, a play on the French phrase β€œj’arrΓͺte” (meaning β€œI’m done”) and his real name, Jarett. After his arrest, Dunn was released on bail, according to his own post on X and confirmation from the intelligence firm.

“I am once again without any of my 2fa for a lil while. I spent overnight in custody as the pump team alleges I stole 2m of their ill-gotten gains with conspiracy to steal another 80m.”

He is expected to remain in the UK until his court appearance, reportedly scheduled for August.

The pump.fun platform, which simplifies token launches on the Solana (SOL) network, was exploited on May 16, resulting in a loss of over 12,300 SOL valued at approximately $2 million at the time. The attacker used flash loans from Raydium, a Solana lending protocol, to carry out the exploit. Flash loans are decentralized finance (DeFi) tools that allow users to borrow large amounts of capital. In this case, the attacker manipulated the pump.fun bonding curves, a mechanism that sets token prices based on supply. By reaching 100% on these curves, the hacker accessed and withdrew liquidity meant for Raydium, then repaid the flash loan, making off with substantial profits.

Following the incident, pump.fun started working with law enforcement to investigate the breach.

Igor Igamberdiev, head of research at cryptocurrency market maker Wintermute, was among the first to suggest that an internal private key leak might have facilitated the hack. Subsequently, Dunn, under the alias @STACCoverflow, admitted his role in the exploit, posting a series of erratic tweets where he expressed a desire to β€œchange the course of history” and openly discussed his mental health struggles and grief over his mother’s death.

“And now; Magic: everybody be cool, this is a robbery. What it do, staccattack? I’m about to change the course of history. n then rot in jail. am I sane? nah. am I well? very much not. do I want for anything? my mom raised from the dead n barring that: /x”

He also asserted that the stolen funds would be distributed to holders of various Solana tokens. Dunn’s posts indicated that at least seven individuals were entitled to these payouts, though he did not provide specifics about the distribution process or deadlines. His messages also suggested a motive driven more by emotional distress than financial gain.

For more updates and the latest news in the cryptocurrency world, stay tuned to Global Crypto News.