Solana Hot Wallets Suffer Ongoing Attack, Roughly $5M Stolen Thus Far

Screen Shot 2022 08 03 at 1.29.58 PM 860x453 1

We’re on the heels of cross-chain bridge Nomad suffering a demolishing hack earlier in the week, and now hackers are doubling down with an attack on Solana hot wallets mid-way through the week. On Tuesday afternoon, reports emerged of some sort of vulnerability that was taking advantage of Solana-based wallets. Approaching 24 hours later, there are still quite a bit of unknowns, and we’re approaching nearly $5M of hacked funds.

Let’s take a look at what we do know so far.

A Solana Scare

Nearly 10,000 wallets across mobile users utilizing both Slope and Phantom (two of the leading Solana wallets) fell victim to this week’s hack in what is seemingly a result of poor user privacy management. While reputable users in crypto Twitter are still working on a post-mortem, a Dune Analytics dashboard created by @tristan0x shows a visual of how quickly things developed; while activity on Wednesday has been at a standstill, there is still cloudy forecasts around whether or not this vulnerability is still active.

General crypto Twitter consensus thus far has pointed towards Slope as being the domino to fall here; the platform’s latest correspondence on Twitter, from Tuesday, states that they are “actively working to sort out the issue as rapidly as possible and rectify best we can.” On Wednesday, Slope released a message to users that was reposted by reputable crypto Twitter user foobar:

Despite abundant question marks around Solana security, the price of the SOL token has remained surprisingly strong. | Source: SOL-USD on TradingView.com

Related Reading | Why The Crypto Fear & Greed Index Points To Sustainable Recovery

Crypto Vulnerabilities Run Rampant

So how did it all happen? Post-mortems from independent sleuths and other reputable sources in the space have yet to be released, but speculation has largely landed on some variation of a ‘software supply chain attack’ being the likely downfall here. This is where attackers search far and wide for security vulnerabilities across network protocols, server infrastructure, and platform coding practices to take advantage of potential holes.

In this case, the root issue seems to lie within Slope and some have even speculated that it could be a malicious insider at Slope taking advantage of the platform’s practices. As foobar notes in the Twitter thread above, “compromised Phantom wallets came from seed phrase imports used in Slope.”

If you or someone you know is concerned about the safety of their funds on a Solana-based wallet, move funds to a hardware wallet where the seed phrase key has not been typed or inputted digitally on any device. Until a post-mortem from Slope and other reputable resources in the community emerges, there will be a variety of assumptions around these circumstances – so stay tuned and stay secure.

Related Reading | TA: AVAX Struggles To Hold Above Resistance As It Eyes $40

Featured image from Pexels, Charts from TradingView.com
The writer of this content is not associated or affiliated with any of the parties mentioned in this article. This is not financial advice.