Key Highlights
- The affected Ledger user insists that recovery phrase never been exposed, wallet used only on dedicated new MacBook, untouched for weeks—still it got drained.
- 30,000 USDC transferred to Bitget exchange while native SOL (~2,000) remained safe until manually moved out.
- User adamant no dApp interaction or transaction signed recently, yet drain occurred—sparking debate on Ledger/Solana security risks.
A crypto trader has gone public with an alarming claim that roughly 30,000 USDC vanished from his hardware-secured wallet on the Solana blockchain without any action on his part.
The user, who goes by the username of Canissolan, shared a detailed post on X and laid out extreme precautions he took to protect his assets. The user insists that the recovery phrase for his Ledger device was never shared, photographed, digitized, or entered anywhere, still the funds were drained.
He emphasized that his hardware wallet connects only to a dedicated MacBook bought specifically for Ledger use and no history of browsing, downloads, or connection to other crypto apps or sites. The device never even touched any other computer, and he hadn’t even opened the Ledger wallet for several weeks before spotting the drain.
“I did not initiate, confirm, or sign any transaction authorizing this withdrawal,” he wrote, adding he’s “100% certain” no one gained physical access to the device or laptop. He discovered the transfer while checking blockchain records on Solscan, with the USDC moving out to Bitget, a leading crypto exchange. Notably, he held around 2,000 SOL in the same wallet, which remained untouched until he manually sent it to a centralized exchange afterward.
The trader tagged Ledger support and blockchain investigator ZachXBT, demanding answers about how the transaction could occur under such locked-down conditions. He shared screenshots of his setup and transaction details to back his story.
Divided community opinions
Responses from the crypto community split quickly. Some users expressed sympathy and outrage, calling on Ledger to explain or even threatening to ditch their devices. Others pointed to a common Solana vulnerability where if a user ever approves a malicious transaction, an attacker can change the authority on specific token accounts like USDC. Once that happens, they can drain those tokens later without needing another signature from the owner.
The case highlights ongoing questions about hardware wallet security on fast-moving chains like Solana, where user-approved actions can create lasting risks, even for those who follow strict protocols. At press time, Ledger had not yet publicly commented on this specific incident.
Also read: Iran Crypto Withdrawals Surged 700% After US-Israel Airstrikes