How thousands of Solana wallets were drained in multimillion-dollar exploit

Solana has become the latest victim of a crypto hack after its users reported that their funds were drained from “hot” wallets.

The Solana Status Twitter account revealed that an unknown hacker drained funds from about 8,000 wallets on Solana. The loss is estimated to be up to $8 million.

The attack, however, only affected “hot” wallets, meaning wallets connected to the internet. It does not appear to be limited to Solana. One of the victims, Justin Barlow, a Solana Venture investor, said that his USDC balance was drained.

Concerning the attack, a crypto analyst tweeted that “the attacker is stealing both native tokens (SOL) and SPL tokens (USDC)… affecting wallets that have been inactive for less than 6 months.”

The attack has compromised wallets including Slope, Phantom, and TrustWallet. Reports indicated that Solflare users were also affected, but the platform maintained that the exploit had not impacted it.

Solana, an increasingly used blockchain, warned that the drained wallets must be treated as abandoned and compromised. The company encourages its users to switch to “cold” wallets or hardware wallets.

Phantom, a Solana-based wallet that hit a $1.2 billion valuation in January, stated that it is “working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem.”

The Phantom wallet developer added, “At this time, the team does not believe this is a Phantom-specific issue.” 

Slope also said, “it’s actively working on sorting out the issue as rapidly as possible and rectify best we can.”

In the same vein, the NFT marketplace Magic Eden told its users to revoke permissions for suspicious links via their Phantom wallets.

What’s the cause of the hack?

The cause of the hack remains unclear. However, crypto industry leaders such as Emin Gün Sirer stated that the transactions were properly signed, meaning the vulnerability may be a “supply chain attack” that steals people’s private keys.

Another crypto investor, @0xfoobar, believes that “it’s likely something has caused widespread private key compromise.” He warned that revoking wallet approvals might not help.

What’s Solana’s reaction?

The Solana Status Twitter account says that the issue does not appear to be a bug in Solana’s software “but in software used by several software wallets popular among users of the network.”

Solana also said its engineers “are currently working with multiple security researchers and ecosystem teams to identify the root cause of the exploit, which is unknown at this time.”
