The Solana network has suffered a multi-million dollar attack in which funds have been drained from user wallets. Countless users have taken to the micro-blogging platform Twitter to report the hack. Users with Solana-based hot wallets like Phantom and Slope are advised to move their funds into cold wallets.
An independent crypto security researcher, CIA Officer, urged users to unlink browser-based Solana wallets from all internet sites and to move funds to a new, clean wallet. Phantom and Slope are used as Chrome extensions, as an in-browser alternative to hardware wallets. Both wallets tweeted advice to their users. Magic Eden suggested revoking app permissions in the Phantom wallet's trusted apps settings. Phantom informed users that it's working with other teams to get to the bottom of the vulnerability in the Solana ecosystem. There's no evidence to believe that this is a “Phantom-specific” issue.
CIA Officer tweeted that scammers are withdrawing SOL from wallets in an unknown way. The stolen funds exceed $5 million. The alarm was raised by @SolportTom. On August 3, he said that no mint was happening at the time of the drain. Tom noted that the transactions look like normal transactions, and not transfers from a contract. There is speculation that the incident has to do with a gambling service. @0xfoobar, a crypto developer, linked the attack to a widespread private key compromise. He says the solution is to transfer assets into a wallet that has never exposed a private key to potentially vulnerable browser extensions, meaning hardware wallets.
So far, around $6 million worth of funds has been drained from Phantom wallets. One user lost $500,000 worth of USDC from their account. Mist Track, a crypto tracking and compliance platform, said around 8,000 wallets have been exploited, while Ava Labs CEO and founder Emin Gun Sirer says it's 7,000-plus wallets, and the number keeps rising every 20 minutes. He believes the hacker has gotten hold of private keys.