More Than 8,000 Solana Wallets Are Reportedly Drained Of More Than $8 million In Exploit
Solana, an increasingly popular blockchain known for its speedy transactions, has become the target of the crypto sphere’s latest hack after more than 8,000 solana wallets are reportedly drained of more than $8 million in exploit.
The attack according to Techcrunch – which has only affected only “hot” wallets or wallets that are always connected to the internet, allowing people to store and send tokens easily – does not appear to be limited to Solana. Justin Barlow, an investor at Solana Ventures, reported that his USDC balance was drained as well. Crypto analyst @0xfoobar confirmed that “the attacker is stealing both native tokens (SOL) and SPL tokens (USDC)… affecting wallets that have been inactive for less than 6 months.”
The attack has compromised other wallets including Phantom, Slope, Solflare, and TrustWallet. Wallets drained should be treated as compromised and abandoned, Solana warned as it encouraged users to switch to hardware or “cold” wallets.
Phantom, a fast-growing Solana-based wallet that hit $1.2 billion in valuation in January, said it’s “working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem.”
“At this time, the team does not believe this is a Phantom-specific issue,” the wallet developer says.
Slope added that it is “actively working to sort out the issue as rapidly as possible and rectify best we can”, while non-fungible token (NFT) marketplace Magic Eden called on users to revoke permissions for any suspicious links in their Phantom wallets.
The cause of the attack remains unclear, but industry leaders including Emin Gün Sirer, founder of another popular blockchain Avalanche, pointed out that the transactions were properly signed, which means the vulnerability could be a “supply chain attack” that manages to steal users’ private keys. @0xfoobar added that “it’s likely something has caused widespread private key compromise”, and warned that revoking wallet approvals will probably not help.
Solana spokesperson Chris Kraeuter declined to answer our questions but referred us to Solana’s Status Twitter account, which states that the issue does not appear to be a bug in Solana’s software “but in software used by several software wallets popular among users of the network.” The company added that its engineers “are currently working with multiple security researchers and ecosystem teams to identify the root cause of the exploit, which is unknown at this time.”
The Solana attack comes just hours after malicious actors abused a “chaotic” security exploit to steal almost $200 million in digital assets from cross-chain messaging protocol Nomad. The “free-for-all” attack, which saw more than 41 addresses drain $152 million — 80% of the stolen funds – was made possible by a recent update to one of Nomad’s smart contracts that made it easy for users to spoof transactions.