CoinShots Logo
Solana Struggles As Investors Lose Confidence In The ‘ETH Killer’ Following Latest Hack
Solana users across the globe were surprised on Tuesday night to find that their internet-connected wallets were suddenly drained of SOL, USDC stablecoin, and other Solana-based tokens in a so-called supply chain attack.
Himanshu S.
9:46 4th Aug, 2022

It came to light that over 8,000 Solana wallets were compromised, with the bad actor(s) making away with almost $5 million worth of coins and tokens.

Unknown attackers pillaged thousands of Solana wallets.

News of the widespread hack emerged late Tuesday night. Although the full extent of the exploit was still unknown, Solana Status revealed that approximately 8,000 wallets had been affected. The attackers targeted Phantom, Slope, and TrustWallet users.

Some speculated that the attack had something to do with the existing permissions that users may have previously given to smart contracts and other platforms. Solana-based non-fungible token (NFT) marketplace Magic Eden urged users to revoke permissions for suspicious links. This, however, didn’t seem to help as transactions were being signed legitimately, therefore indicating that users’ private keys had been compromised.

Engineers from multiple ecosystems found that the exploit was not caused by a bug in the Solana core code. It was possibly due to vulnerabilities in the software used by several wallets within the blockchain’s ecosystem.

Solana co-founder and Solana Labs CEO Anatoly Yakovenko confirmed that both iOS and Android users were victims of the supply chain attack. He also asked affected users to come forward with information. “Looking for folks who were effected by the attack, but only received sol or tokens into the wallet and never transacted more than once, never reused their mnemonic key anywhere else,” Yakovenko tweeted.

The consistent message to Solana users from the broader crypto community was to transfer their funds to centralized exchanges or cold storage.

Meanwhile, the Solana Foundation is requesting those who lost funds during the attack to fill out a survey to assist engineers looking into the incident to unpack the root cause.


CoinShots Logo


Get in touch:

© 2022 Coinshots (AtlasZero LLC). All rights reserved.