Solana Shutdown: ecosystem compromised with millions of dollars drained

As tweeted by Solana's Status account at 5am UTC on Wednesday, “An exploit allowed a malicious actor to drain funds from a number of wallets on Solana. As of 5am UTC approximately 7,767 wallets have been affected. The exploit has affected several wallets, including Slope and Phantom. This appears to have affected both mobile and extension.” Wallets affected by the hack include Phantom, Slope, Solflare, and TrustWallet. 

According to PeckShieldAlert, a service that detects real-time scam tokens and phishing sites, the total loss of the hack amounts to $8 million. 

The attack affected “hot” wallets and as noted by Solana Ventures investor Justin Barlow, Solana-linked wallets were not the only ones drained - USDC balances were drained too. This claim was also confirmed on Twitter by analyst @0xfoobar:

The Solana-based wallet provider Phantom stated via its official Twitter account that they are investigating the case and that, “the team does not believe this is a Phantom-specific issue.”

Slope also claimed that they are working with Solana Labs to get to the bottom of the hack.  

Binance CEO also commented on the SOL exploit, suggesting users “send funds to a cold wallet”. 

Supposedly those impacted by the attack were users of mobile wallets. The hacker managed to initiate and approve transactions in place of other users while compromising a third-party service. 

This unfortunate case will raise further discussions about the security and safety of hot wallets that operate when connected to the internet. Undoubtedly cold wallets, which are USB drives that require holders to plug them into the computer in order to proceed with transactions, are not as convenient, yet are more secure.  

In the meantime, we will be watching the investigation unfold. 

Earlier we wrote that Immunefi conducted research and reported that crypto-related hacker attacks amounted to over $670 million in the second quarter of 2022.