Visa Partners with Solana and USDC Stablecoin to Enhance Global Cross-Border Payments
SOL and ADA Outperform Other Major Cryptocurrencies in Price Gains as Bitcoin Traders Recover from $1 Billion Liquidation Event
Bitcoin Languishes as ETF Optimism Subsides; PEPE Takes the Lead in Altcoin Profits
So far, a large-scale hack has stolen up to $8 million from a number of Solana-based "hot wallets." This hack is still going on.
At the time of this writing, Solana (SOL) is trending on Twitter because a lot of people are either tweeting about the hack as it happens or saying they've lost money. These people are warning anyone with Solana-based hot wallets like Phantom and Slope wallets to move their money to cold wallets.
On August 2, a blockchain researcher named PeckShield said that the widespread hack is likely caused by a "supply chain issue" that has been used to steal the private keys of wallet users. It said that the loss so far is thought to be about $8 million.
#PeckShieldAlert The widespread hack on Solana wallets is likely due to the supply chain issue exploited to steal/uncover user private keys behind affects wallets. So far, the loss is estimated to be $8M, excluding one illiquid shitcoin (only has 30 holds & maybe misvalued $570M) pic.twitter.com/aTGNsTc6d8
— PeckShieldAlert (@PeckShieldAlert) August 3, 2022
Phantom and Slope, two Solana-based wallet providers, and Magic Eden, a marketplace for non-fungible tokens (NFTs), have both said something about the issue. Phantom, one of the wallet providers, says it is working with other teams to figure out what's going on, but it doesn't "believe this is a Phantom-specific issue" yet.
We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.
— Phantom (@phantom) August 3, 2022
As soon as we gather more information, we will issue an update.
Earlier in the day, Magic Eden confirmed the reports by saying that there "seems to be a widespread SOL exploit at play that's draining wallets throughout the ecosystem." It also asked Phantom wallet users to revoke permissions for any suspicious links.
Slope said that it is working with Solana Labs and other Solana-based protocols to figure out what the problem is and fix it, but that there have been "no major breakthroughs yet."
"Still in the middle of it. No big steps forward yet. Will let you know as soon as possible if there are any big conclusions and/or suggested ways to do things."— Slope (3 August 2022 @slope finance)
On August 2, a Twitter user named @nftpeasant said that as much as $6 million was stolen from Phantom wallets in just 10 minutes. In one case, it looks like $500,000 USDC were taken from a Phantom wallet user's account.
???!!! https://t.co/sBDgxqGyaw
— Matthew Graham (@mattysino) August 2, 2022
@zachxbt, a well-known scam detective who calls himself a "on-chain sleuth," also did some digging and told their 274,800 followers that the hackers first put money into the main wallet for this attack through Binance seven months ago.
The history of transactions shows that the wallet was inactive until today, when the hackers used four different wallets to make transactions 10 minutes before the attack started.
Scammers wallet funded via Binance 7 months agohttps://t.co/5gQbObcsg4 https://t.co/sco5SPBrne pic.twitter.com/AL6Hm4F3R3
— ZachXBT (@zachxbt) August 3, 2022
There have also been different reports about how many wallets have been affected and how bad the damage has been so far.
Mist Track, a crypto tracking and compliance platform, said on Twitter that up to 8,000 wallets were hacked and $580 million was sent to four addresses. However, people who commented on the post were skeptical about the number.
Emin Gun Sirer, the CEO and founder of Ava Labs, said that there are more than 7,000 wallets, and that number is going up by about 20 per minute. He said that he thinks the attacker has access to private keys because the transactions look like they were signed correctly.
There's an ongoing attack targeting the Solana ecosystem right now. 7000+ wallets affected, and rising at 20/min. Because it's very early and the attack is ongoing, there's a lot of misinformation and speculation. So here are a few thoughts and clarifications.
— Emin Gün Sirer🔺 (@el33th4xor) August 3, 2022
Coincryptous has asked Phantom for a comment on the matter, and if the company responds, the story will be updated.
--------