Thousands of Solana wallets are targeted by the multi-million dollar hack

    03 Aug 2022
    358 Views

    The Solana ecosystem suffered the multimillion-dollar hack, with users reporting that their funds have been drained silently from major internet-connected “hot” wallets, including Phantom, Slope, and TrustWallet. So far, at least 8,000 wallets have been affected, with about $8 million lost, but the source of the attack remains unknown.

    On August 3 night, an unknown attacker drained thousands of wallets containing more than $8 million worth of Solana and other tokens. The hack seemed to originate on the Solana browser wallet Phantom and was believed to compromise user keys – possibly involving seed phrases that were re-used among wallets on different chains.

    “Over 5,000 Solana wallets have been drained in the past few hours,” reported blockchain audit firm OtterSec. “These transactions are being signed by the actual owners, suggesting some sort of private key compromise.”

    Later, Watcher Guru updated the count to 8,000. Meanwhile, the team behind the “PeckShieldAlert” security browser extension has estimated a loss of about $8 million.

    “We are actively communicating with the affected wallet teams to offer our help and monitor if there is anything we can do to keep our users safer,” a spokesperson for the Ethereum wallet MetaMask stated.

    The first reports pointed to the Solana browser wallet Phantom and the Solana ecosystem. According to CoinMarketCap, the news has caused an 8% drop in Solana’s value in the two hours.

    “There’s an unknown $SOL exploit currently draining random Phantom wallets,” crypto investor and analyst Miles Deutscher noted. “$6m currently stolen. If you have funds on Phantom, make sure to revoke all permissions + move to a hardware wallet.”

    Solana NFT marketplace Magic Eden also tweeted a warning concerning the exploit, providing instructions to remove permissions for suspicious links.

    “There seems to be a widespread SOL exploit at play that’s draining wallets throughout the ecosystem,” Magic Eden said.

    Phantom also reported it is investigating the exploits.

    “We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem,” Phantom wrote on Twitter. “At this time, the team does not believe this is a Phantom-specific issue. As soon as we gather more information, we will issue an update.”

    Meanwhile, crypto exchange Bybit said it has temporarily suspended deposit and withdrawal of assets on the Solana blockchain to protect our clients due to the widespread Solana exploit.

    You can follow the situation in the thread constantly updated.

    The affected wallets are currently showing on the Dune Analytics webpage. If your wallet is on the affected list, you can fill out this survey to help with the investigation.

    Leave a Reply

    Your email address will not be published. Required fields are marked *