Aug 3, 2022 at 03:18A major exploit was discovered in the Solana blockchain. About 8,000 wallets were emptied, and the number is only growing. Solana auditor OtterSec reported it on Twitter. His analysis showed that the owner signed the transactions, which suggests that the private key was compromised, and this is not a joke.
Experts estimate that the criminals stole about $6–8 million from wallets such as Phantom, Trust Wallet, and Slope during a massive hacker attack.
What’s happened
According to Twitter reports, wallets that have been inactive for more than six months have been hit the hardest. Users of Phantom and Slope wallets are reporting a loss of funds.
“We are working closely with other teams to get to the bottom of a discovered vulnerability in the Solana ecosystem. At this time, the team doesn’t believe it is a Phantom-specific issue,” said Phantom representatives.
The brand new newsletter with insights, market analysis and daily opportunities.
Let’s grow together!
How exactly the scammers have got access to the assets is unknown, but the experts have several guesses:
- fraudsters managed to compromise private keys;
- the hack occurred because the wallet was tied to a particular site;
- the attack is related to the NFT marketplace based on Solana — Magic Eden.
The platform representatives also said it investigates a “widespread SOL exploit” and urged Solana users to revoke their wallet permission for suspicious applications.
Gaming company Star Atlas warned its community of users, stating that a large-scale attack on Solana was underway and advising users to revoke permissions for all applications in their wallets and move funds to cold storage.
What does Solana say?
The Solana Foundation noted that hardware wallets did not appear to be affected. Based on currently available information, Solana Labs communications manager Austin Federa said a “potential supply chain attack” could be to blame. He suggested that several wallets may have software dependency, as attackers could have signed transactions that drained the wallets without tricking users into giving up their funds, as is often the case with other cryptocurrency exploits.
“It’s probably not protocol level. Some Ethereum Trust Wallet users were reportedly affected,” he added.
Solana Labs co-founder and CEO Anatoly Yakovenko responded to the incident, urging affected users to provide information.
How to protect your money?
Binance CEO Changpeng Zhao confirmed that more than 7,000 wallets had already been affected and advised users to transfer funds from hot wallets to cold or centralized exchanges (CEX).
There is an active security incident on Solana. Many (7000+ and counting) wallets are drained of SOL & USDC. Don’t know root cause yet. Maybe permissions granted to apps. For remediation, send the funds to a cold wallet or CEX like @Binance.
There is an active security incident on Solana. Many (7000+ and counting) wallets are drained of SOL & USDC. Don’t know root cause yet. Maybe permissions granted to apps. For remediation, send the funds to a cold wallet or CEX like @Binance. https://t.co/nQrBXAgCbf
— CZ 🔶 Binance (@cz_binance) August 3, 2022
Users have already begun to make jokes about it.
The conclusion is that you should:
- untie your wallets from all trusted sites;
- go to settings → trusted apps → remove all trusted apps;
- withdraw tokens to an exchange or other new wallet;
- keep your funds in a cold or clean wallet that is not used anywhere.
You can find more information about how what you have to do here.
The Solana Foundation also asked affected users to fill out a survey to help the engineers investigating the incident find the root cause.
According to the latest data, users incurred losses in SOL, USDC and SPL of ~$10 million.
Are there any victims among you or your acquaintances?
9
