Noones App, a P2P Marketplace, Reportedly Hacked for $7.9 Million

Exploit Discovery and On-Chain Analysis

Noones App, an international peer-to-peer marketplace supporting cryptocurrencies, experienced a series of outbound transactions that raised concerns of a significant exploit. Blockchain investigator ZachXBT identified suspicious wallet activity within the app, dating to early January and coinciding with the announcement of wallet maintenance.

Investigators found large-scale withdrawals totaling $7.9 million in assets across multiple blockchains, including Ethereum, TRON, Solana, and BNB Smart Chain. While Noones App operates without regulatory approval, it acts as a custodian of user funds, putting assets at risk during security breaches.

The timing of the attack matched exactly with the wallet maintenance announcement, suggesting a vulnerability may have been exploited during this critical period.

Fund Obfuscation Mechanisms

Following the initial withdrawals, the attacker deployed a sophisticated strategy to hide the stolen funds. The assets were first transferred and consolidated on Ethereum and BNB Smart Chain, then sent to mixing services to obscure their trail.

On Ethereum, one address was especially active, repeatedly sending batches of 10 ETH to mixing services. A similar pattern occurred on BNB Smart Chain, with tightly coordinated transactions until all funds were fully mixed and concealed.

On TRON, the attacker used a different tactic, transferring and converting assets to consolidate all holdings into USDT (TRC-20). After mixing through obfuscation services, these funds became impossible to recover or trace to new wallets. This approach makes it virtually impossible to distinguish legitimate withdrawals, except through on-chain analysis of similar transactional patterns.

ZachXBT previously documented that Paxful and Noones App acted as gateways to launder funds from Lazarus Group exploits, with roughly $44 million moved through these platforms from prior attacks.

Noones App Team Confirms Solana Bridge Exploit

After weeks of investigation by the crypto community and blockchain analysts, Noones founder Ray Youssef publicly acknowledged a breach involving the Solana bridge. However, the team maintained that user funds were secure, despite on-chain evidence disputing these claims.

In an official statement, the Noones team said: “We are aware of reports regarding unusual activity involving NoOnes hot wallets in early January. An exploit occurred on our Solana bridge. Our security teams responded quickly and the situation was immediately controlled. User funds and personal data are safe and a thorough investigation is underway.”

Nonetheless, on-chain evidence of token movements across multiple blockchains directly contradicts assurances of fund safety. Noones App accepts crypto deposits and fintech payment methods, including gift cards, for trading with minimal verification, which amplifies operational risks.

Why Is Noones Website Down? App Background and Growth

Noones App was launched after Ray Youssef’s previous project, Paxful, faced major regulatory hurdles in the US. Despite this background, Paxful remains active and draws more traffic than Noones. Nonetheless, Noones App has gained traction as a non-KYC P2P crypto marketplace, especially among users in emerging markets.

The app quickly reached over 100,000 downloads and maintains a 3.4-star average rating in mobile app stores. Users are drawn to Noones for its ease of use and resemblance to Paxful. The platform has seen robust daily download growth, with notable spikes in recent periods.

While Noones mainly targets the Global South, a significant portion of traffic originates from the United States, with usage continuing to grow. Promotional campaigns have fueled this expansion. The app’s founder emphasized that Noones aims to provide financial access to unbanked markets.

Noones is widely adopted in 60 countries and supports 500 payment gateways. It also extends support to 234 countries and territories, though in some regions only a handful of peers are available for trading. The platform relies primarily on hot wallets for fast exchanges but has experienced regular outages and asset availability issues, explaining intermittent downtime for the Noones website. Most wallet-related issues have reportedly been resolved, though the Solana bridge exploit was omitted from the app’s official incident report.

Conclusion

The Noones exploit exposes key vulnerabilities in unregulated P2P crypto marketplaces. With $7.9 million siphoned off and expertly laundered through mixing services, this incident highlights the critical need for robust hot wallet and bridge security protocols. While the team ultimately admitted to the Solana bridge breach, on-chain evidence of multi-chain asset movements contradicts claims that user funds were fully protected. This event underscores the importance of vigilance and thorough risk assessment before using decentralized exchange apps without KYC, especially those with a history of regulatory issues.

FAQ

Who Owns Noones?

Noones is owned by Nicholas Gregory and Yusuf Nessary, the platform’s co-founders. They created Noones to advance financial freedom within the crypto ecosystem.

What Are Noones Transaction Fees?

Noones charges miner fees for each transaction. These fees cover processing costs and vary by network. The exact amount depends on market conditions and network congestion.