Solana, an increasingly popular blockchain known for its fast transactions, has become the target of the latest hack in the crypto space after users reported that funds had been drained from internet-connected “hot” wallets.
Solana’s Status Twitter account, as of 5 a.m. UTC on Wednesday, an unnamed actor had withdrawn funds from 7,767 wallets on the Solana network Say. However, the crypto tracker of blockchain security firm SlowMist Sure Over 8,000 wallets were emptied.it is estimated Losses to date are about $8 million.
The attack only affects “hot” wallets, or wallets that are always connected to the internet, allowing people to easily store and send coins — and it doesn’t appear to be limited to Solana. Solana Ventures investor Justin Barlow, report His USDC balance was also depleted.crypto analyst @0xfoobar Confirmed “Attackers are stealing native tokens (SOL) and SPL tokens (USDC)…affecting wallets that have been decommissioned for less than 6 months.”
The attack has compromised other wallets, including Phantom, Slope, Solflare, and TrustWallet. Solana warns that drained wallets should be considered compromised and abandoned, as it encourages users to switch to hardware or “cold” wallets.
Phantom, a fast-growing Solana-based wallet, hit a $1.2 billion valuation in January, Say It is “working closely with other teams to identify reported vulnerabilities in the Solana ecosystem.”
“Currently, the team does not believe this is a Phantom-specific issue,” the wallet developer said.
Slope added that it is “actively working to resolve the issue as quickly as possible and correct it as best we can,” while non-fungible token (NFT) marketplace Magic Eden is calling on users to revoke permissions for any suspicious links in their Phantom wallets.
The reason for the attack is unclear, but industry leaders including Emin Gün Sirer, founder of another popular blockchain Avalanche, point out The transactions were signed correctly, which means the vulnerability could be a “supply chain attack” that could steal users’ private keys. @0xfoobar added that “it’s quite possible that something led to the widespread private key compromise”, warning that revoking wallet approval may not help.
Solana spokesman Chris Kraeuter declined to answer our questions but directed us to Solana’s Status Twitter account, which said the company’s engineers “are currently working with multiple security researchers and ecosystem teams to determine the root cause of the exploit. The reason is still unclear.”
The Solana attack came hours after malicious actors abused a “mess” security flaw to steal nearly $200 million in digital assets from cross-chain messaging protocol Nomad. The “free” attack resulted in the loss of $152 million (80% of the stolen funds) over 41 addresses due to a recent update to a Nomad smart contract that made it easy for users to spoof transactions.
This is a developing story.
