A hack has resulted in the loss of up to $8 million in funds from a number of Solana-based e-wallets.
At the time of writing this article, Solana (SOL) is trending on Twitter as countless users are informing about the hack as it unfolds, or are reporting that they have lost funds themselves, warning anyone with Solana-based online wallets, such as Phantom and Slope wallets, to move their funds to offline wallets.
Blockchain researcher PeckShield said on August 2 that the hack is likely due to a “supply chain issue” that has been exploited to steal users’ private keys from the affected wallets. He said the estimated loss so far is around $8 million.
#PeckShieldAlert The widespread hack on Solana wallets is likely due to the supply chain issue exploited to steal/uncover user private keys behind affects wallets. So far, the loss is estimated to be $8M, excluding one illiquid shitcoin (only has 30 holds & maybe misvalued $570M) pic.twitter.com/aTGNsTc6d8
— PeckShieldAlert (@PeckShieldAlert) August 3, 2022
#PeckShieldAlert. The Solana wallets hack is likely due to a supply chain issue that has been exploited to steal/discover the private keys of the users behind the affected wallets. So far, the loss is estimated at $8 million, excluding one illiquid shitcoin (it only has 30 holds and may be misvalued at $570 million).
Solana-based wallet providers, including Phantom and Slope, and non-fungible token (NFT) marketplace Magic Eden are among those who have commented on the issue, and wallet provider Phantom noted that it is working with other teams to get to the bottom of the issue, though it says it “doesn’t believe this is a Phantom-specific issue” at this stage.
We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.
As soon as we gather more information, we will issue an update.
— Phantom (@phantom) August 3, 2022
Phantom noted that it is working with other teams to get to the bottom of the issue, though it says it “doesn’t believe this is a Phantom-specific issue” at this stage.
magic eden confirmed reports earlier in the day stating that “there appears to be a SOL exploit that is draining wallets across the ecosystem”, while asking users to revoke the permissions of any suspicious links in their Phantom wallets.
Slope said that it is currently working with Solana Labs and other Solana-based protocols to to locate the problem and rectify italthough “there are still no great advances”.
Still war-rooming through it. No major breakthroughs yet. Will follow up as soon as possible with any better conclusions and/or recommended practices.
— Slope (@slope_finance) August 3, 2022
It is still being worked on. However, there is still no great progress. We will follow up as soon as possible with any important findings and/or best practices.
Twitter user @nftpeasant said that $6 million worth of funds were siphoned from Phantom wallets during a 10-minute period on August 2. It appears that a Phantom user had $500,000 worth of USDC drained from his account.
???!!! https://t.co/sBDgxqGyaw
— Matthew Graham (@mattysino) August 2, 2022
The popular scam detective and self-styled “on-chain detective” @zachxbt also did some digging and revealed to his 274,800 followers that hackers initially funded the main wallet associated with this attack through Binance seven months ago.
The transaction history shows that the wallet remained inactive until today before the hackers made transactions with four different wallets 10 minutes before the attack began.
Scammers wallet funded via Binance 7 months agohttps://t.co/5gQbObcsg4 https://t.co/sco5SPBrne pic.twitter.com/AL6Hm4F3R3
— ZachXBT (@zachxbt) August 3, 2022
The scammers wallet was funded through Binance 7 months ago:
There have also been different reports on how many wallets have been affected and the extent of the damage so far.
The cryptocurrency tracking and compliance platform Mist Track claimed via Twitter that as many as 8,000 wallets have been hacked, with $580 million being sent to four addresses, however, those commenting on the post are skeptical about the number.
For his part, the CEO and founder of Ava Labs, Emin Gun Sirer, stated that the figure was more than 7,000 wallets, a number that is increasing at the rate of about 20 per minute. He said that he believes that Since the transactions appear to be properly signed, “it is likely that the attacker has gained access to the private keys.”
There’s an ongoing attack targeting the Solana ecosystem right now. 7000+ wallets affected, and rising at 20/min. Because it’s very early and the attack is ongoing, there’s a lot of misinformation and speculation. So here are a few thoughts and clarifications.
— Emin Gün Sirer (@el33th4xor) August 3, 2022
There is an ongoing attack targeting the Solana ecosystem. More than 7,000 wallets have been affected, and they are increasing at 20 per minute. As it is very early days and the attack is ongoing, there is a lot of misinformation and speculation. So here are some thoughts and clarifications.
Cointelegraph has reached out to Phantom for comment on the matter and will update the story if the firm responds.
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information set forth herein should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Keep reading:
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the full amount invested may be lost. The services or products offered are not aimed at or accessible to investors in Spain.