3 August 2022

Thousands of Solana wallets drained in yet another multimillion exploit


Thousands of Solana wallets drained in yet another multimillion exploit

Solana, a popular blockchain known for its speedy transactions, has been victim of yet another crypto hack, with users reporting that their funds have been stolen from internet-connected Solana “hot” wallets, including Phantom, Slope and TrustWallet.

According to Solana’s account on Twitter, approximately 7,767 wallets have been affected, impacting both users of mobile and browser extensions. There is no evidence hardware wallets were impacted, Solana said.

At the same time, blockchain security firm MistTrack reported that more than 8,000 wallets have been affected. So far, the loss is estimated to be more than $8 million. A number of Solana addresses have been linked to the attack, with those addresses amassing around $5 million worth of SOL, SPL, and other Solana-based tokens.

Wallets drained should be treated as compromised and abandoned, Solana warned as it encouraged users to switch to hardware or “cold” wallets.

The exact cause of the hack is unclear at this point, though some experts suggest that given that transactions were properly signed, a supply chain attack could be involved that managed to steal users’ private keys.

It’s also not clear, if the vulnerability is limited only to the Solana blockchain. A TrustWallet and Slope wallet user reported losing USDC on both Solana and Ethereum.

The developers of Phantom wallet said that they are “working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem.” The team said they don’t believe this is a Phantom-specific issue.

The news of the Solana attack comes less than a day after a similar incident affecting the Nomad bridge has been reported, in which attackers drained almost all the funds in the wallet. According to estimates, the total value of cryptocurrency stolen in the attack is close to $200 million.

Back to the list

Latest Posts

Cyber security week in review: September, 30

Cyber security week in review: September, 30

Unpatched Microsoft Exchange zero-days exploited in hacker attacks, Meta dismantles a sprawling Russia-linked disinformation network, and more.
30 September 2022
Covert hacker attack targets military contractors

Covert hacker attack targets military contractors

The campaign reportedly targeted a strategic supplier to the F-35 Lightning II fighter aircraft.
29 September 2022
Leaked LockBit 3.0 builder is already being used in ransomware attacks

Leaked LockBit 3.0 builder is already being used in ransomware attacks

The builder includes a configuration file that can easily be customized to use different ransom notes, statistics servers, and features, allowing anyone to create their own ransomware.
28 September 2022