Nearly 8,000 Solana (SOL) wallets were emptied as a result of a suspected attack. Crews are investigating the root cause of the incident. In this article, we will cover the latest developments regarding the attack and the affected coins…
8,000 Solana wallets hacked
Hackers emptied thousands of Solana wallets in an ongoing attack. Reports of attackers stealing funds from wallet users of the layer 1 Blockchain surfaced on Twitter early Wednesday. While the exact scale of the damage is unknown, Solana confirmed that at least 8,000 wallets were affected. The Solana Foundation tweeted late at night that it was investigating the incident. The hackers targeted both Phantom and Slope wallet users. Both teams made statements to confirm that they were investigating the incident.
Engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on Solana. There is no evidence hardware wallets are impacted.
This thread will be updated as new information becomes available.
— Solana Status (@SolanaStatus) August 3, 2022
Phantom said that “the team do not believe this is a Phantom-specific issue.” NFT marketplace Magic Eden also said it’s investigating a “common SOL exploit.” SOL urged its users to revoke their wallet permissions for any suspicious connection. Likewise, Star Atlas stated that users should withdraw their assets to a cold wallet.
Solana’s CEO urged users to provide information
cryptocoin.com As we have also reported, hardware wallets are not affected. Based on the information currently available, Solana Labs communications lead Austin Federa said a “potential supply chain attack” could be to blame. Some Ethereum TrustWallet users were reportedly affected. But it is still unclear whether they were targeted as part of the same violation.
A software dependency shared by several software wallets. Since the drains are self-signed, the attackers are somehow able to self-sign transactions.
Since we see no hardware wallets impacted, it's likely not protocol level.
— Austin federa (@Austin_Federa) August 3, 2022
Anatoly Yakovenko, co-founder and CEO of Solana Labs, also commented on the event. He urged affected users to provide information. Because, it is stated that most of the targeted wallets consist of those that have been inactive for 6 months. The Solana Foundation also asked affected users to complete a questionnaire to help engineers investigating the incident find the root cause. The total amount stolen is still unknown, although it is believed to be in the millions of dollars. SOL is damaged by the attack. It has lost close to 5% in the last 24 hours.
looking for folks who were effected by the attack, but only received sol or tokens into the wallet and never transacted more than once, never reused their mnemonic key anywhere else.
— toly 🇺🇸 (@aeyakovenko) August 3, 2022
Which coins were stolen?
It is stated that most of the assets stolen in the Solana hack consisted of SOL and USD Coin. SOL explained that the exploit affected mobile and browser extensions. But he said there was no sign that hardware wallets were affected. Solana is still investigating with its engineers and security firms. Crypto security firm PeckShield said the attack resulted in an estimated $8 million in losses.
#PeckShieldAlert The widespread hack on Solana wallets is likely due to the supply chain issue exploited to steal/uncover user private keys behind affects wallets. So far, the loss is estimated to be $8M, excluding one illiquid shitcoin (only has 30 holds & maybe misvalued $570M) pic.twitter.com/aTGNsTc6d8
— PeckShieldAlert (@PeckShieldAlert) August 3, 2022
Solana-based crypto wallet Phantom said the situation is not a Phantom-specific issue. However, he noted that the project is “evaluating the incident that impacted the SOL wallet.” He said he worked closely with other teams in the ecosystem to find the truth. Crypto security firm OtterSec stated that transactions from these stolen wallets were signed by the real owners and there was a private key leak. He said that this vulnerability could also affect ETH users.
