- Hackers have drained more than $6 million from over 7,000 wallets.
- Phantom has started investigations as SOL suffers a drop of 4 percent.
The Solana ecosystem has suffered another vast crypto exploit based on multiple new reports. According to these reports, more than 7,000 Phantom wallets have been affected, with hackers draining more than $6 million. The reports also say that hackers compromise a wallet every 20 minutes.
1/ 🧵Here’s what you should know regarding The Great Drain: #Solana Wallet Exploit:
— Kiyomi (104) (@kiyomiwallet) August 3, 2022
However, no one knows the amount the hackers have stolen, as the amount stated above were random estimates from users who reported a loss of funds from their wallets. The best option for users who still have funds in their Phantom wallets is to send such funds to an exchange or transfer them to a hardware wallet. Solana has admitted that the exploit happened. However, it adds that it has commenced an investigation of the matter.
The Ethereum layer-1 competitor affirmed that there is no proof that any hardware wallet has been affected. An official statement from the network reads, “investigation is ongoing about the affected wallets on Solana through a combination of efforts from engineers of various ecosystems and multiple security firms.”
Phantom is investigating the incident
Meanwhile, Phantom has also commenced a separate investigation on the matter. The Phantom wallet is a Solana-built wallet for DeFi projects and NFTs. The Phantom team further notes that the exploit affected another Solana-built wallet.
Indeed, Phantom’s claims may be correct because some slope wallet users also report an exploit on their accounts. The Slope wallet is a web-based crypto wallet for connecting Solana dApps securely. Part of Phantom’s press release states that the team has enlisted the help of other teams to identify the cause of the security breach.
We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.
As soon as we gather more information, we will issue an update.
— Phantom (@phantom) August 3, 2022
It also states that it would continue to provide updates on the incident as it finds new information. Solana blockchain has suffered various hacker attacks in the last 12 months. Hence, many industry players are now calling the blockchain’s reputation into question.
The latest exploit has negatively affected Solana’s governance token, SOL. Our data shows that SOL is down 4.46 percent in the last 24 hours and trades at $38.67. Emin Gun Sirer (Ava Labs founder) has shared insights into how the hackers could have succeeded with the exploit.
There’s an ongoing attack targeting the Solana ecosystem right now. 7000+ wallets affected, and rising at 20/min. Because it’s very early and the attack is ongoing, there’s a lot of misinformation and speculation. So here are a few thoughts and clarifications.
— Emin Gün Sirer🔺 (@el33th4xor) August 3, 2022
Sirer said a supply chain attack involving the hack of a JS library is one possible way. He added that hackers could use this method to steal users’ private keys. Most of the affected wallets were those created in the last nine months. However, some new account users have also reported a compromise on their accounts.
As some suggestions, the Ava Labs founder said the hacker couldn’t have used a faulty random number generator for this purpose. He explained that there is now more enlightenment about the do’s and don’t of the private keys’ generation compared to ten years ago. Sirer said he would be surprised if the security report about the incident showed that the hacker was ‘cracking’ users’ private keys.