Squads warned of the risk of address poisoning attacks, stating that there have been no financial losses so far and that a whitelist mechanism will be introduced.

CoinFeed reported on April 14th that Squads, a multi-signature protocol within the Solana ecosystem, announced on the X platform that its team has discovered an address poisoning attack targeting Squads users, but there is currently no evidence that any users have been affected. The attackers programmatically create new multi-signature accounts containing existing Squads users as members using publicly available on-chain public keys. Simultaneously, the attackers generate public keys whose first and last characters match the user's real multi-signature address through collision detection, making the forged account appear legitimate on the interface. The attack aims to mislead users into mistaking the forged multi-signature for a real account, transferring funds to its address or signing unauthorized transactions. Squads emphasizes that this is not a protocol vulnerability; the attackers cannot access user funds or modify existing multi-signatures; it is purely a social engineering attack at the interface level. Users should ignore any multi-signature accounts that have not been created or added by the team, and verify addresses completely rather than relying on first and last character matching.