2022 looks set to be one of the worst years for crypto markets, which are already dealing with severe bear market sentiment. Now word comes that several hackers have attacked the Solana ecosystem, with losses approaching the billion dollar mark.
Thousands of users reported that their funds had been drained from their hot wallets without their knowledge.
Thousands of users reported on Twitter that their SOL had been stolen from connected hot wallets such as Phantom, Slope, and TrustWallet. Details are still sketchy as the attack is ongoing, but more than 8,000 wallets have been compromised, according to data from blockchain auditor OtterSec. Several Solana addresses have been implicated in the attack, and those addresses have accumulated millions of dollars' worth of SOL, SPL, and other Solana-based tokens drained from unsuspecting users' wallets.
“Update: Over 8,000 #Solana wallets have fallen victim to ongoing hacks and counting.”
Details are still sketchy
While community members are scrambling to track down the source of the attack, its exact cause is not yet known. What is clear, however, is that the attack appears to have affected mobile wallet users the most, with the attacker somehow managing to sign transactions on behalf of both the user and the wallet owner. This suggests that a third-party service may have been compromised in a supply chain attack.
The private key exploit led to hackers stealing native SOL and SPL tokens from hot wallets, most of which had been sitting idle for more than six months, with Phantom and Slope wallet users being the hardest hit. Twitter user foobar shed light on the methods used by the attackers, saying that while the reason for the attack is unclear, it may be the result of a supply chain attack on an upstream dependency. He also said that revoking prior approvals would not help secure the funds, adding that the only viable option was to transfer the funds to an offline wallet. However, users can also temporarily transfer their assets to a reliable centralized exchange if a hardware wallet is not an option.
Solana Community Response
This attack will undoubtedly reignite the debate around hot wallets and their security. A hot wallet is always connected to the internet, and while this offers convenience, allowing users to easily send, receive, and store cryptocurrencies, it also leaves the wallet vulnerable to attack. Cold wallets are kept offline and must be connected to a device to conduct transactions, and are considered more secure.
While the vulnerability is under investigation, concerned users contacted wallet providers for updates and information to clarify the source of the attack. Phantom did provide an update to users on Twitter, saying it was working to figure out the cause of the attack.
“We are working closely with other teams to pinpoint reported vulnerabilities in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue. We will release an update once we gather more information.”
Other community members have speculated that the vulnerability may be related to Magic Eden’s Solana-based NFT marketplace, although the connection remains in doubt as the attack continues. Magic Eden has so far not commented on the situation, but did issue a warning advising users to revoke the wallet’s permissions and transfer assets to cold wallets.
“There appears to be a widespread SOL exploit at work that is draining wallets across the ecosystem. Here are the best things you can do to protect yourself right now 1. Go to > Settings on your @phantom wallet 2. > Trusted Apps 3. > Revoke permissions for any suspicious links.”
In a later tweet, it added that it was investigating the breach to determine its cause.
Solana Price feels the pressure
For now, the main discussion on Crypto Twitter remains around mitigating the damage caused by the exploit, with experts urging users to move their assets to cold wallets. The price of Solana has also dropped significantly over the past few hours. While the price has recovered from the initial slump, it may drop again as the attack progresses.
After a hot 2022, the Solana ecosystem, billed as an “Ethereum killer,” has been plagued by frequent outages. In January, Solana crashed for a staggering 48 hours, forcing users to liquidate their assets and meet their loan obligations. The outages were caused by bots spamming the network, which led to severe network congestion. As a result, DeFi users were unable to top up their loan collateral, forcing them to liquidate their holdings.
Disclaimer: This article is for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial or other advice.