Solana Exploited, Wallets Drained

By Ayomide Daniels
Published in Web3 Surfers, Aug 3, 2022

In the late hours of Tuesday night, an unidentified attacker swiped Solana and USDC worth at least $4 million from hundreds of wallets. The breach, which was still active at 8:00 PM PST, appeared to come from the Phantom wallet on the Solana browser and was thought to have compromised user keys. It may have involved seed phrases that were reused by several wallets on various chains.

Earlier in the evening, blockchain auditing company OtterSec said that “over 5,000 Solana wallets have been emptied” in the previous few hours. The draining transactions are being signed by the wallet owners' own keys, which suggests a private key compromise. A little while afterwards, Watcher Guru upped the total to 8,000.

The Phantom Solana browser wallet and the Solana ecosystem were singled out in the initial reports. In the two hours after those reports, Solana’s value had already fallen about 8% as a result of the news, according to CoinMarketCap, which also recorded a 45 percent rise in trading volume over the previous 24 hours.

Solana companies have taken to Twitter to assure their users that their experts are on top of the exploit. Phantom says it is investigating the reported exploits.

“We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem,” Phantom tweeted. “At this time, the team does not believe this is a Phantom-specific issue. As soon as we gather more information, we will issue an update.”

Magic Eden, the largest NFT marketplace in the Solana ecosystem, also issued an early warning about this exploit to its users via tweet.

“There seems to be a widespread SOL exploit at play that’s draining wallets throughout the ecosystem,” the account wrote. In the tweet, Magic Eden provided instructions to remove permissions for suspicious links.

According to multiple tweets from users who said their USDC had been emptied, the exploit seems to affect both SOL and USDC holders. The attacker is taking both native tokens (SOL) and SPL tokens (USDC), hitting wallets that have been dormant for less than six months, according to on-chain analysis by Twitter user @0xfoobar. He noted that, contrary to popular belief, switching to an offline hardware wallet is the only solution in light of the upstream dependency supply chain attack he theorizes.

The origin or cause of this exploit is currently only a matter of conjecture, as blockchain engineers, even those from other ecosystems, are still trying to identify any potential loopholes. However, it appears that they are having trouble doing so, as one Twitter user noted earlier: “The Solana transaction explorer is so fucking hard to read and no contract is publicly verified so I have no fucking clue what’s happening.”

Other enthusiasts appear to share a similar opinion of the transaction explorer data, which makes it challenging to dig further into the roots of this hack.

As is usual after a crypto hack, people are monitoring the purported attacker’s wallets, which have so far been identified as:

https://solscan.io/account/Htp9MGP8Tig923ZFY7Qf2zzbMUmYneFRAhSp7vSg4wxV#solTransfers

https://solscan.io/account/CEzN7mqP9xoxn2HdyW6fjEJ73t7qaX9Rp2zyS6hb3iEu#solTransfers

https://solscan.io/account/5WwBYgQG6BdErM2nNNyUmQXfcUnB68b6kesxBywh1J3n#splTransfers

Overall, this attack, which comes after yesterday’s Nomad Bridge hack, is bad news for the cryptocurrency market. Security in this environment is still quite erratic and ultimately vulnerable. Will these attacks serve as a warning to developers and engineers to improve their security measures going forward, or should we prepare for more of these hacks and hope for the best?

Please refer to my article on security in the crypto space, https://medium.com/@ayomidedaniels92/security-in-nfts-8e3da1d8425f, for security tips on navigating these dangerous waters.

Thanks for reading, and stay safe!
