Skip to content Skip to sidebar Skip to footer

An ongoing Solana (SOL) hack has affected more than 8,000 wallets and drained a (currently) estimated USD 4.5m-USD 8m worth of funds.
According to data compiled by crypto tracking platform MistTrack, four addresses linked to hackers have so far stolen USD 580m worth of crypto assets from over 8,000 wallets.
However, MistTrack stated that, excluding the value of EXIST “and other shitcoins,” USD 4.5m worth of SOL, USDC, USDT, bitcoin (BTC), and ethereum (ETH) have been stolen.
Still, blockchain investigator PeckShield estimated a higher loss, stating:
“So far, the loss is estimated to be USD 8m, excluding one illiquid shitcoin (only has 30 holds & maybe misvalued [USD] 570M).”
As the hack begun, users started reporting that their funds have been drained without their knowledge from major internet-connected “hot” wallets, including Phantom, Slope, and TrustWallet. Some affected users have claimed that they haven’t interacted with any contracts in more than 40 days.
According to blockchain auditor OtterSec, the transactions are being signed by the actual owners, suggesting some sort of private key compromise. They asked all users of the affected wallets to move their assets “to a hardware [wallet] or a centralized exchange.”
The exact cause of the hack is still largely unclear though it appears to have predominantly impacted mobile wallet users.
The team behind Solana said that engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on Solana.
“There is no evidence hardware wallets are impacted,” they added.
Meanwhile, Phantom said that “at this time, the team does not believe this is a Phantom-specific issue.”
According to Solana Labs co-founder Anatoly Yakovenko, only a token-specific delegation or an auto approve, or a leaked seed could transfer assets from a wallet on behalf of the user.

Leave a comment