top of page
Search
Writer's pictureSarah Dixon

Solana Wallets Compromised In Multimillion-Dollar Hack


2022 looks set to be one of the worst years for the crypto markets, which were already dealing with significant bear market sentiment. Now news has emerged that several hackers have targeted the Solana ecosystem, and losses are nearing the billion-dollar mark.


Thousands of users have reported that their funds have been drained from their hot wallets without their knowledge.


An Unprecedented Attack

Thousands of users took to Twitter to report their SOL being stolen from connected hot wallets such as Phantom, Slope, and TrustWallet. With the attack still ongoing, details remain sketchy, but over 8000 wallets have been compromised, according to data sourced from blockchain auditors OtterSec. Several Solana addresses have been linked to the ongoing attack, with the wallets in question amassing millions worth of SOL, SPL, and other Solana-based tokens drained from unsuspecting wallets.

“UPDATE: Over 8,000 #Solana wallets have fallen victim to the ongoing hack, with more increasing by the minute.”

Details Remain Sketchy

The exact cause of the attack remains unknown at present, although community members are scrambling to trace the source of the attack. However, what is clear is that the attack seems to have impacted mobile wallet users the most, with the attacker somehow managing to sign transactions on behalf of users and wallet owners. This suggests that there could be a third-party service that could have been compromised in a supply-chain attack.


The private-key exploit resulted in the hacker stealing native SOL and SPL tokens from hot wallets, most of which had been inactive for more than six months, with Phantom and Slope wallet users being hit the hardest. Twitter user foobar shed some light on the methodology used by the attackers, stating that while the cause of the exploit was unknown, it could be the result of an upstream dependency supply chain attack. He also stated that revoking prior approvals would not help ensure the security of the funds, adding that the only viable option was moving funds to an offline wallet. However, if a hardware wallet is not an option, users can also shift their assets to a reliable centralized exchange for the time being.


Solana Community Reacts

The attack will undoubtedly reignite the debate around hot wallets and their security. Hot wallets are connected to the internet at all times, and while this does ensure some convenience, allowing users to send, receive, and store crypto with ease, it is also susceptible to attacks. Cold wallets, which are offline and must be connected to a device to carry out transactions, are considered much more secure.


While the concerned parties are looking into the exploit, worried users reached out to wallet providers for an update and clarity on the source of the attack. Phantom did provide users an update on Twitter, stating that it was working to figure out the cause of the attack.

“We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue. As soon as we gather more information, we will issue an update.”

Other community members speculated that the exploit could be related to Magic Eden’s Solana-based NFT marketplace, although this link remained doubtful as the attack continued. So far, Magic Eden has not commented on the situation but did tweet out a warning, advising users to revoke permissions from the wallet and move assets to a cold wallet.


“There seems to be a widespread SOL exploit at play that’s draining wallets throughout the ecosystem Here’s what you can do right now to best protect yourself 1. Go to >Settings on your @phantom wallet 2. >Trusted Apps 3. >Revoke Permissions for any suspicious links.”

In a later tweet, it added that it was looking into the exploit to determine its cause.


Solana Price Feels The Pressure

Currently, the primary discourse across crypto Twitter remains around mitigating the damage from the exploit, with experts urging users to transfer their assets to a cold wallet. Solana’s price has also dropped significantly over the past few hours and is down considerably. While the price has recovered from its initial slump, it could drop again as the attack plays out.


A History Of Outages

The Solana ecosystem has had a torrid 2022, with regular outages plaguing the “Ethereum Killer.” In January, Solana crashed for a staggering 48 hours, forcing users to liquidate their holdings and fulfill their loan obligations. The outage was caused due to bots spamming the network, leading to significant congestion on the network, which led to the outage. As a result, DeFi users were unable to top up their loan collateral, forcing them to liquidate their holdings.


Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Comments


bottom of page