The Right Place to Buy, Earn, Exchange and Borrow against Your Crypto.

Get Started
Over 8K Solana wallets drained of funds, $10M estimated missing Over 8K Solana wallets drained of funds, $10M estimated missing

Over 8K Solana wallets drained of funds, $10M estimated missing

The attack mostly affected mobile Solana wallets and most of the breach reports came from Phantom and Slope users.

Over 8K Solana wallets drained of funds, $10M estimated missing

Cover art/illustration via CryptoSlate

Over 8000 Solana (SOL) wallets were drained of millions by an exploit that started in the late hours of August 2.

However, Peckshield noted that the total loss is estimated to be less than $10 million if the value of illiquid coins involved in the attack is removed.

The attack mostly affected mobile Solana wallets connected to the internet like Phantom, Solflare, TrustWallet, and Slope. But most of the breach reports came from Phantom and Slope users.

The cause of the exploit and the hackers’ identity remain unknown.

Meanwhile, four wallets have been identified to be holding all the stolen funds.

The exploit has been draining Solana, other Solana-based tokens, and USDC. Otter added that the exploit has also affected some Ethereum (ETH) users.

The cause of the attack is still unknown

The crypto community remains at a loss on the cause of this exploit.

Solana Foundation’s co-founder Anatoly Yakovenko posited that the exploit “seems like an iOS supply chain attack,” a view shared by some other community members.

According to Christine Kim, a supply chain attack “is like a Trojan horse style attack in that a hacker slides in malicious code without anyone noticing to one of the GitHub repos or libraries that the targeted application/product relies on and uses.”

Emin Gün Sirer, Ava labs CEO, mentioned four possible causes of the exploit. According to him, the attack could have been caused by a “supply chain attack,” a “faulty random number generator,” or a “browser exploit/zero-day.”

However, these reasons have a different loophole that makes it difficult to pin the attack on any of them.

Sirer continued that the possible cause of this hack could be “a potential nonce reuse that ends up revealing the private key.”

Blockchain security firm OtterSec had written that the transactions were “being signed by the actual owners, suggesting some sort of private key compromise.”

Solana, Phantom, and Slope have revealed that they are investigating the exploit and will provide further information soon.

Meanwhile, users have been advised to stop using the compromised wallet. The network advised users to use a hard wallet, while some community members also said sending the tokens to a centralized exchange could protect the funds.

Solana nodes are down

Available information also revealed that Solana nodes are currently down. The nodes were reportedly placed under a DDoS attack to slow down the hacker.

Meanwhile, the Solana blockchain is still running.

However, crypto community members have questioned the rationale behind the attack as the hacker could continue with the exploit when the network resumes full operation.

As of press time, Solana’s network has lost around 2% of its value in the last 24 hours and is currently trading for $39.87.

Posted In: , Hacks