Ongoing Solana-based wallet hack seeing millions drained
$8 million in funds drained so far across several Solana-based hot wallets.
NFT Marketplace Magic Eden expressed that it seems to be a widespread SOL exploit at play and called on users to revoke permissions for any suspicious link in their Phantom wallets.
Solana right now trending on Twitter as countless users are either reporting on the hack as it unfolds or is reporting to have lost funds themselves warning with Solana-based hot wallets like Phantom and Slope wallets to move their funds into cold wallets.
Industry Leading Blockchain Security Company PeackShield on August 2 said the widespread hack is likely due to a supply chain issue that has been exploited to steal user private keys behind affected wallets.
According to PeackShield Company, The widespread hack on Solana wallets is likely due to the supply chain issue exploited to steal user private keys behind affects wallets. So far, the loss is estimated to be $8 M excluding one illiquid shitcoin.
#PeckShieldAlert The widespread hack on Solana wallets is likely due to the supply chain issue exploited to steal/uncover user private keys behind affects wallets. So far, the loss is estimated to be $8M, excluding one illiquid shitcoin (only has 30 holds & maybe misvalued $570M) pic.twitter.com/aTGNsTc6d8— PeckShieldAlert (@PeckShieldAlert) August 3, 2022
Solana based wallets providers including Phantom and Slope, and NFT marketplace Magic Eden are among those that have commented on this issue with wallet provider Phantom noting that it is working with other teams to get to the bottom of the issue, it says it doesn't believe this is a phantom specific issue at this stage.
According to Phantom, we are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. the team does not believe this is a Phantom-specific issue.
We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.— Phantom (@phantom) August 3, 2022
As soon as we gather more information, we will issue an update.
As per the view, Slope said it is now working with Solana Labs and other Solana-based protocols to pinpoint the issue and rectify it though there were no breakthroughs yet.
According to Twitter user, @nftpeasant said as much as $6 million worth of funds were exploited from Phantom wallets in just 10 min on August 2. Phantom wallet users had $500,000 worth of USDC drained from their accounts.
???!!! https://t.co/sBDgxqGyaw— Matthew Graham (@mattysino) August 2, 2022
Popular scam detective @zachxbt also did some digging and revealed to their 274,800 followers that the hackers initially funded the primary wallet connected with this attack via Binance seven months ago.
The transaction history shows that the wallet remained dormant until today before the hackers conducted transactions with four different wallets 10 min before the attack started.
Crypto tracking and compliance platform Mist Track stated via Twitter that as many as 8,000 wallets have been hacked with $580 million sent to tour addresses.
During, Ava Labs CEO and founder Emin Gun Sirer expressed that the number was at 7000 plus wallets a number which is rising at around 20 per minute he said he believes that as the transaction appears to be signed properly. the attacker has likely acquired access to the private key.
Emin Gun Sirer said:
There's an ongoing attack targeting the Solana ecosystem right now. 7K+ wallets were affected by waiting 20 min.
There's an ongoing attack targeting the Solana ecosystem right now. 7000+ wallets affected, and rising at 20/min. Because it's very early and the attack is ongoing, there's a lot of misinformation and speculation. So here are a few thoughts and clarifications.— Emin Gün Sirer (@el33th4xor) August 3, 2022