I’m reporting a suspected malicious application hosted on Railway that was used in a Solana wallet drain incident.

Affected domain:
evans-production-60b6.up.railway.app

Summary:
An individual directed me to this app and walked me through connecting my wallet. Interaction with the app resulted in an unauthorized transfer of funds.

Impact:

• Loss of funds from a Solana wallet

• Unauthorized signing triggered through this app

Evidence available (not posting publicly):

• On-chain transaction signatures

• Destination wallet(s)

• Network logs

• Chat logs with the operator

This is not a request for debugging help.
I am requesting Railway staff review this service for abuse and advise on a secure way to submit evidence.

I’m intentionally limiting details here to avoid public exposure of an active incident.