Solana attack: The Solana network suffered a multi-million dollar attack on Wednesday as horrified users came to the realization that their wallets had been drained of all their funds.
The hacker successfully drained around $6 million in a smash and grab raid on user wallets.
The exact vector of the attack remains unknown, with speculation mounting as to the cause of the vulnerability.
Solana Attack: A Sudden Emerging Crisis
Solana ecosystem contributor @SolportTom was among the first to raise the alarm about the exploit on Twitter.
“There wasn’t any mint that happened at the time of the drain,” said Tom on Aug 3. “The transactions look like normal transfers, not transfers from a contract. This is eco-system wide, people speculating that it has to do with a gambling service.”
While some users were quick to connect the hack to Phantom wallet, the company just as quickly denied such claims.
“We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem,” said Phantom. “At this time, the team does not believe this is a Phantom-specific issue.”
Crypto Twitter user and crypto developer @0xfoobar had his own theory on the cause, linking the attack to a widespread private key compromise. According to foobar both Phantom and Slope wallets are affected, lending some credibility to Phantom’s claims.
“The solution is to transfer assets into a wallet which has never exposed a private key to potentially vulnerable browser extensions,” said foobar. “That means hardware wallets, nothing else.”
Send to Cold wallet and Revoke Access
In the absence of a firm explanation for the attack Solana users have been advised to revoke access to everything and send all of their cryptocurrency to a hardware wallet. For users without a hardware wallet, sending all funds to a centralized custodial exchange is an acceptable temporary workaround.
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.