Pump.fun Hacker Steals $2 Million, Receives 6-Year Prison Sentence, Opts for 'Self-Detonation'

In May 2024, pump.fun experienced a hack where the attacker stole around $2 million worth of SOL and a large amount of meme coins. At the time, the attacker claimed to randomly airdrop these funds to players on Solana, earning the nickname "Robin Hood of the crypto world."

Jarett Dunn (alias Stacc), the attacker, was a former pump.fun employee. Last December, he was sentenced to 6 years in prison by a judge in London.

Two days ago, he exposed a large number of Telegram chat records from his time at pump.fun.

So I spent a lot of time going through these chat records one by one. In reality, after reading them all, I was confused because the records did not contain what I had imagined, such as intentional misconduct by the pump.fun team in manipulating liquidity or taking user fees unfairly. There was also no content suggesting major ethical issues with the founder, alon, or other team members.

However, in Jarett Dunn's tweets, he described himself as a whistleblower and considered his exposure a form of "justice self-destruct." Someone in his comments expressed the same doubt, and he replied:

"These records show that I warned them twice that they had to complete the KYC/AML process to do live streaming on the platform (but they ignored it), and then we all know how things turned out in the end (referring to the early chaos of uncensored live streaming on pump.fun)."

If this accusation holds some truth, the next accusation is a bit of a leap:

"An employee in the group said the following: his friend is already looking for models, waiting for pump.fun to go live to do something adult-oriented."

The corresponding chat record for this accusation is as follows. Firstly, pump.fun's co-founder Sapijiju shared a Twitch streamer in the pump.fun company group, mentioning that another Twitch streamer had already launched a coin through pump.fun. One employee commented that this streamer is a Rugger and had already rug pulled 5 coins yesterday.

Then the employee said that his friend was looking for a "model" (to do the same thing). In context, this seems more like a joke. However, interspersed in the middle was Jarett Dunn's suggestion, in which he expressed his opinion that partnering with a live streaming platform would be better, as it would not only avoid the KYC responsibility but also significantly shorten the time needed for pump.fun to launch its live streaming feature.

The main point of accusation here should be that the whole team was well aware that this was a rug pull scheme, yet they still maintained a carefree attitude and joked about it. As a co-founder, alon mentioned in the records that he "felt like he had seen her profile before," and that was the end of it.

There are some records showing the early "draft" stage of pump.fun. For example, they had to proceed with getting a contract done even though they considered the contract itself to be "a piece of shit" due to investor pressure (needing to show how many employees the company had to investors). They were also looking for a lawyer to draft a new one. For the then "young" pump.fun, it's hard to say if this is really scandalous:

Perhaps the most "explosive" part of the records disclosed by Jarett Dunn was revealing the phone numbers associated with alon and Sapijiju's Telegram accounts. Since this involves privacy, these screenshots are not included in this article.

So, how deep does this grudge go? From the records, I couldn't find the starting point of the feud between Jarett Dunn and pump.fun, but he was a talented programmer who was diagnosed with paranoid schizophrenia at the age of 20.

When he attacked pump.fun 2 years ago, his mother had recently passed away. At that time, he had only been with pump.fun for 6 weeks.

Four days after the attack, he was arrested at a hotel just 90 meters away from pump.fun's office in London, where he was staying. Upon his arrest, he was immediately deemed unfit for questioning by the authorities and was taken to the hospital for two weeks of mental health treatment, as he had been off medication for several months.

During his sentencing hearing 2 months after pleading guilty, he attempted to retract his plea, a sudden change of heart that his legal team was not on board with.

In September 2023, he wrote in a tweet, "I am homeless now, prepared to sleep in the park, fighting against a bug I created with 5G internet."

And in the record, pump.fun reimbursed his plane ticket, allowing him to fly from Canada to the UK. Was he happy, fulfilled at that time?

Facing such a complex, tumultuous life of a programmer, I seem to only have a sigh facing life.