Another blow to Solana
Thousands of Solana wallets emptied
Research into the cause is still ongoing
For months, Solana (SOL), one of the top 10 cryptocurrencies, has not stayed out of negative headlines: on the one hand, there were several system crashes, for which critics blame a design error, on the other hand, imputed securities. The company behind the blockchain was shut down due to the illegal sale of . Now a large scale hacker attack has also started.
advertising
Trade Solana and other crypto with leverage (long and short)
Solana and other cryptocurrencies have recently corrected significantly. Trade crypto like Bitcoin or Ethereum with leverage at Germany’s No. 1 CFD provider and participate in rising and falling prices.
Loss of millions due to hackers
The hacker’s attack began on August 2 and caused millions in losses: anonymous attackers were apparently able to transact with tokens as if they were owners through an unknown vulnerability. This suggests compromise of the private key.
In this connection, thousands of hot wallets were emptied and coins worth lakhs were stolen. The stolen cryptocurrencies are said to include both Solana’s SOL token and compatible currencies such as USD Coin (USDC). Wallet apps Phantom and Slope are said to be particularly affected, but users of SoulFlare and Trust Wallet are also. It is not yet clear whether compensation will be given to the victims.
An exploit allowed a malicious actor to withdraw funds from multiple wallets on Solana. As of 5 am UTC around 7,767 wallets have been affected.
The exploit has affected many wallets, including the Slope and the Phantom. It seems that both mobile and extension have been affected by this.
— Solana Status (@SolanaStatus) 3 August 2022
background still unclear
The nature of the hack is still being speculated. According to Solana, however, it does not consider it a bug in the Solana network itself – neither the Solana protocol nor its cryptography has been compromised. Rather, only popular wallet software is affected. Victims should consider tampering with their wallet and stop using it.
This does not appear to be a bug with the Solana core code, but in the software used by several software wallets popular among users of the network.
update will be posted https://t.co/ivyoIbdCDP as they become available. 2/2
— Solana Status (@SolanaStatus) 3 August 2022
Solana is still working on a clarification, but Solana’s CEO Anatoly Yakovenko has already tweeted that he believes a “supply chain attack” (supply chain) attack is possible, which is the case with Apple and Android phones. but affects the virtual wallet. In this type of attack, a hacker injects malicious software into an operating system, gaining access to information such as the private key for a virtual wallet.
Android also seems to be affected. The keys for all confirmed stories so far have been imported or generated on mobile. Most reports are sloppy, but there are some phantom users.
— SMS aey.sol, (@aeyakovenko) 3 August 2022
In another tweet, the Solana project explained that the wallet software Slope may have compromised the private key and was therefore responsible for the theft. A preliminary analysis revealed that all affected addresses were either created using Slope’s mobile wallet application, imported or temporarily managed within this app.
After investigation by developers, ecosystem teams and security auditors, it appears that the affected addresses were at one point created, imported or used in the Slope mobile wallet application. 1/2
— Solana Status (@SolanaStatus) 3 August 2022
What can Solana owners do?
One way to protect against this attack could be to transfer funds to a hardware wallet that is not connected to the Internet, as these have not been affected by the exploit so far. Crypto exchanges were probably also unaffected. Hence, Solana advises its users to quickly switch to either of these two options.
editorial office finanzen.net
Image source: Skorzewiak/Shutterstock.com, Alexandra Sova/Shutterstock.com
Freelance twitter maven. Infuriatingly humble coffee aficionado. Amateur gamer. Typical beer fan. Avid music scholar. Alcohol nerd.