Solana Wallet Hack: Here's What We Know So Far - Decrypt

Solana Wallet Hack: Here’s What We Know So Far – Decrypt


  • Thousands of Solana’s software wallets of tokens have been drained since last night in a large-scale attack that has totaled nearly $4.5 million so far.
  • The vulnerability is believed to be caused by software in certain wallets, including Slope and Phantom. Hardware wallets are not affected.

Update, August 3, 4:50PM ET: Solana developers say they have identified the root cause of the hack: the hacked private keys were “created, imported, or used in Slope mobile wallet apps.” Read full details here.

Solana Last night, widespread users began to find that Wallets are dried from SOL, and USDC stablecoinHeadquartered in Solana icons In widespread and continuous penetration. As of this writing, an estimated $4.46 million worth of coins and tokens have been discovered so far.

According to the blockchain explorer sulcan, the four wallets of the attackers identified collectively attacked about 15,200 wallets, although there may be an overlap between their targets. the official Solana case A Twitter account pins the tally with nearly 8,000 unique wallets as of earlier this morning.

With the attack apparently still going on, the network’s core team and founder have begun to share theories about what’s going on. According to Solana Status, “engineers across many ecosystems, along with audit and security firms, continue to investigate the root cause” of the attack.

She added, “This does not appear to be a bug in Solana’s core code, but rather in software used by many software wallets popular among network users.”

This theory is consistent with sentiment developed last night and overnight by Solana developers and security experts. At first, some thought the exploit had to do with permanent permissions that users might have previously granted to a smart contract, and many platforms – such as Top NFT Magic Eden Market—Prompt Solana users to revoke any permissions.

However, that doesn’t seem to help since transactions are signed, indicating a compromise on users’ private keys. Instead, as Solana Status update suggests, the prevailing theory now is that the code within software-based wallet applications is somehow exploited to enable access to the owners’ assets.

Solana co-founder and CEO of Solana Labs Anatoly Yakovenko Tweet overnight It “seems like an attack on the iOS supply chain,” suggesting that the problem is with wallets used on Apple’s iPhone and iPad. However, based on additional evidence, he added In a later tweet, Android users are also affected.

“All confirmed stories so far have the key imported or generated on mobile,” he wrote, noting that the majority of confirmed wallets were from Slope, and some were from Phantom. Hardware wallets don’t seem to be affected at all. Prominent Crypto Investor Adam Cochran wrote this morning it’ 90% [sure] This is related to using the ramp or importing into the ramp. “

When a user asks what Solana developers can do about this issue going forward, Yakovenko replied“Having sex with Apple and Google can give us safe registration and recovery in the device. F’ing hell.”

Slope’s Twitter account has not tweeted Since last night, when he wrote that the team was “actively working to solve the problem.” Likewise, Phantom Last tweet yesterday evening with a similar message, but added that she “did not believe this was a Phantom problem” at the time.

Blockchain security company OtterSec has Affected users are asked to fill out a form details of their portfolio and activity. Yakovenko and other prominent Solana developers shared a similar look in hopes of gathering more data about the exploit.

Solana’s network was at times unreachable or difficult to use last night due to partial outages of the RPC nodes that facilitate network traffic. The slowdown was allegedly due to the efforts of the user who tried to slow down or stop the attack By overcoming the Solana network With transactions in a frenzy similar to DDOS.

Solana (SOL) initially saw a significant price drop following the initial attacks last night, with the price dropping about 8% within two hours. However, it has rebounded somewhat to the current price of just over $40 per coin, or about a 2% retracement over the past 24 hours.

Stay up to date with cryptocurrency news, and get daily updates in your inbox.

#Solana #Wallet #Hack #Heres #Decrypt

Leave a Comment

Your email address will not be published.