← DogWifTools1 decision on this page

Audit log

Every state-changing event for DogWifTools: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

#1publishby system:backfill
2026-05-19 20:13:21Z
Score: ? → ? (no score change)
anchoranchored
chain
●mainnet-betaslot 420,839,294
sig
tc59ZHTi1UVo…pWo3UZHAexplorer ↗
hash
EuY2R8aWv2nB…JPiLyRNPsha256 → base58
verifying row…full verify ↗
canonical bytes (6887 B) ▸
{"actor":"system:backfill","investigation_id":"e05ca87b-8858-4518-b7e5-1ff5395b9bbf","kind":"publish","page_slug":"dogwiftools","published_at":"2026-05-19T20:13:21.463Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"DogWifTools","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://x.com/dogwiftools/status/1811888342591766584"},{"credibility":3,"name":"","type":"other","url":"https://docs.dogwiftools.com/dogwiftools/getting-started/bundler"},{"credibility":3,"name":"","type":"other","url":"https://www.bleepingcomputer.com/news/security/solana-pumpfun-tool-dogwiftool-compromised-to-drain-wallets/"},{"credibility":3,"name":"","type":"other","url":"https://www.rootdata.com/Projects/detail/DogWifTools?k=MTYxMzY%3D"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://docs.dogwiftools.com/dogwiftools/getting-started/bundler"},{"credibility":3,"name":"","type":"other","url":"https://www.bleepingcomputer.com/news/security/solana-pumpfun-tool-dogwiftool-compromised-to-drain-wallets/"},{"credibility":3,"name":"","type":"other","url":"https://www.cryptotimes.io/2025/01/30/solana-pump-fun-tool-dogwiftool-exploit-drains-10m-in-crypto/"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-dogwiftools-hack-january-2025"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.bleepingcomputer.com/news/security/solana-pumpfun-tool-dogwiftool-compromised-to-drain-wallets/"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-dogwiftools-hack-january-2025"},{"credibility":3,"name":"","type":"other","url":"https://www.cryptotimes.io/2025/01/30/solana-pump-fun-tool-dogwiftool-exploit-drains-10m-in-crypto/"},{"credibility":3,"name":"","type":"other","url":"https://www.mexc.com/news/410195"},{"credibility":3,"name":"","type":"other","url":"https://rekt.news/poetic-justice"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-dogwiftools-hack-january-2025"},{"credibility":3,"name":"","type":"other","url":"https://docs.dogwiftools.com/dogwiftools/getting-started/bundler"},{"credibility":3,"name":"","type":"other","url":"https://www.bleepingcomputer.com/news/security/solana-pumpfun-tool-dogwiftool-compromised-to-drain-wallets/"},{"credibility":3,"name":"","type":"other","url":"https://www.soliduslabs.com/reports/solana-rug-pulls-pump-dumps-crypto-compliance"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.bleepingcomputer.com/news/security/solana-pumpfun-tool-dogwiftool-compromised-to-drain-wallets/"},{"credibility":3,"name":"","type":"other","url":"https://www.rootdata.com/Projects/detail/DogWifTools?k=MTYxMzY%3D"},{"credibility":3,"name":"","type":"other","url":"https://www.scworld.com/brief/dogwiftools-breached-in-supply-chain-attack-on-cryptocurrency-wallets"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-dogwiftools-hack-january-2025"},{"credibility":3,"name":"","type":"other","url":"https://threats.wiz.io/all-incidents/dogwiftool-supply-chain-attack"},{"credibility":3,"name":"","type":"other","url":"https://www.dlnews.com/articles/defi/solana-execs-sued-over-memecoin-trades/"},{"credibility":3,"name":"","type":"other","url":"https://www.bleepingcomputer.com/news/security/solana-pumpfun-tool-dogwiftool-compromised-to-drain-wallets/"},{"credibility":3,"name":"","type":"other","url":"https://rekt.news/poetic-justice"}]}],"sources_used":[],"summary":"DogWifTools is a Solana-based memecoin tooling platform that markets features explicitly designed to simulate artificial trading volume, conceal supply concentration across hundreds of wallets, and inflate engagement metrics on pump.fun — capabilities that security researchers and blockchain analysts characterize as enabling wash trading and coordinated pump-and-dump schemes. In January 2025, the platform suffered a supply-chain attack in which threat actors trojaned versions 1.6.3 through 1.6.6 with a Remote Access Trojan, draining an estimated $10 million from users' wallets; the attacker group framed the theft as vigilante justice against scammers. No known regulatory action has been taken against DogWifTools operators, who remain anonymous.","timeline":[{"date":"2024-07-12","event":"DogWifTools v1.0 officially released on X, advertising volume bot, bundler, anti-detection bypass, and comment bot features for pump.fun token launches.","source":""},{"date":"2024-07-01","event":"Platform begins selling lifetime licenses at approximately 15 SOL, establishing a paid subscription base of memecoin operators.","source":""},{"date":"2025-01-01","event":"Threat actors reverse-engineer DogWifTools software and extract a GitHub authentication token, gaining covert access to the private repository.","source":""},{"date":"2025-01-27","event":"Threat actors trojanize DogWifTools versions 1.6.3 through 1.6.6, embedding a Remote Access Trojan (RAT) that downloads 'updater.exe' to harvest private keys, exchange credentials, and KYC identity documents from Windows users.","source":""},{"date":"2025-01-29","event":"DogWifTools users begin reporting mass wallet draining across hot and cold wallets; loss of Binance and Coinbase account access reported. Community estimates of losses reach $10 million.","source":""},{"date":"2025-01-29","event":"DogWifTools operators publicly attribute the compromise to a third-party actor who gained access via GitHub token; deny it is an internal rug pull.","source":""},{"date":"2025-01-30","event":"A group calling itself 'Jizzy Group' publishes a manifesto on a dark web onion site claiming responsibility for the attack, framing it as vigilante justice against scammers and calling Solana 'a fucking joke designed by criminals for criminals.'","source":""},{"date":"2025-01-30","event":"Major crypto security outlets including BleepingComputer, Halborn, Rekt News, CryptoTimes, and The Defiant publish coverage of the incident, widely characterizing DogWifTools as a 'fake liquidity generator.'","source":""},{"date":"2025-02-01","event":"Halborn Security publishes post-mortem analysis confirming supply-chain attack vector, RAT injection mechanism, and characterizing DogWifTools as infrastructure for wash trading and fake liquidity generation.","source":""},{"date":"2025-02-01","event":"Wiz Cloud Threat Landscape database catalogues the DogWifTool supply-chain attack as a notable 2025 security incident.","source":""}]},"v":1}
Verify offline (run on your own machine)
python -m src.verify_decision 4c85c2c7-468c-492d-b92f-a3deae9b958e

How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.