Solana blockchain suffers major exploit, thousands of Phantom wallets compromised

  • Hackers have drained more than $6 million from over 7,000 wallets.
  • Phantom has started investigations as SOL suffers a drop of 4 percent.

The Solana ecosystem has suffered another vast crypto exploit based on multiple new reports. According to these reports, more than 7,000 Phantom wallets have been affected, with hackers draining more than $6 million. The reports also say that hackers compromise a wallet every 20 minutes.

However, no one knows the amount the hackers have stolen, as the amount stated above were random estimates from users who reported a loss of funds from their wallets. The best option for users who still have funds in their Phantom wallets is to send such funds to an exchange or transfer them to a hardware wallet. Solana has admitted that the exploit happened. However, it adds that it has commenced an investigation of the matter.

The Ethereum layer-1 competitor affirmed that there is no proof that any hardware wallet has been affected. An official statement from the network reads, “investigation is ongoing about the affected wallets on Solana through a combination of efforts from engineers of various ecosystems and multiple security firms.”

Phantom is investigating the incident

Meanwhile, Phantom has also commenced a separate investigation on the matter. The Phantom wallet is a Solana-built wallet for DeFi projects and NFTs. The Phantom team further notes that the exploit affected another Solana-built wallet.

Indeed, Phantom’s claims may be correct because some slope wallet users also report an exploit on their accounts. The Slope wallet is a web-based crypto wallet for connecting Solana dApps securely. Part of Phantom’s press release states that the team has enlisted the help of other teams to identify the cause of the security breach.

It also states that it would continue to provide updates on the incident as it finds new information. Solana blockchain has suffered various hacker attacks in the last 12 months. Hence, many industry players are now calling the blockchain’s reputation into question.

The latest exploit has negatively affected Solana’s governance token, SOL. Our data shows that SOL is down 4.46 percent in the last 24 hours and trades at $38.67. Emin Gun Sirer (Ava Labs founder) has shared insights into how the hackers could have succeeded with the exploit.

Sirer said a supply chain attack involving the hack of a JS library is one possible way. He added that hackers could use this method to steal users’ private keys. Most of the affected wallets were those created in the last nine months. However, some new account users have also reported a compromise on their accounts.

As some suggestions, the Ava Labs founder said the hacker couldn’t have used a faulty random number generator for this purpose. He explained that there is now more enlightenment about the do’s and don’t of the private keys’ generation compared to ten years ago. Sirer said he would be surprised if the security report about the incident showed that the hacker was ‘cracking’ users’ private keys.

Related: After community backlash, Solana-based Solend protocol withdraws decision to control whale account