According to Foresight News, Certik released a Sola security incident analysis. On April 12, 2025, an unverified contract 0x623c was exploited, resulting in approximately $28,000 in losses due to lack of access control. This attack was the fourth incident related to the same attacker. Previously, the attacker had targeted Gemcy, OPC, and AIRWA, profiting around $181,000. On April 23, the attacker conducted a fifth attack on ACB. Overall, the attacker sent 498 BNB to Tornado Cash across the five listed incidents.
As of 2025, Certik has recorded 93 events related to code vulnerabilities, with total losses of approximately $52.5 million. By number of incidents, code vulnerabilities are the second most common cause of losses, following phishing.
