Share this article
At least 7,767 Solana wallets have been affected.
Hackers are targeting Solana users
Hackers have drained thousands of Solana wallets in an ongoing attack.
Engineers from several ecosystems, with the help of several security companies, are investigating the drained wallets on Solana. There are no indications that hardware wallets are affected.
This thread will be updated as new information becomes available.
— Solana Status (@SolanaStatus) August 3, 2022
Reports of attackers extorting funds from Layer 1 blockchain wallet users surfaced on Twitter early Wednesday. While the full extent of the damage is unknown, the Solana Foundation has confirmed that at least 7,767 wallets have been affected at press time.
The Solana Foundation took to Twitter to confirm that it was investigating the incident at 02:39 UTC. “Engineers from multiple ecosystems, with the help of multiple security firms, are investigating the drained wallets on Solana. There are no indications that hardware wallets have been affected.”
Hackers targeted both Ghost and Slope wallet users. Both teams issued statements to confirm they were investigating the incident, with Phantom noting that “the team does not believe this is a Phantom-specific issue.” Magical Eden too he said that it was looking at “an extensive SOL exploit” and urged Solana users to revoke their wallet permissions for any suspicious links.
The Solana Foundation noted that hardware wallets appear to be unaffected. Based on information currently available, Solana Labs is lead by Austin Federa he said that “a potential attack on the supply chain” could be to blame. He speculations that multiple wallets could share some software dependency, as attackers could sign the transactions that depleted the wallets without tricking users into giving away their money, as is often the case with other crypto wallet exploits. “Probably not protocol level,” he added. Some Ethereum TrustWallet users have allegedly affectedalthough it is not yet clear if they were targeted as part of the same breach.
Solana Labs co-founder and CEO Anatoly Yakovenko also commented on the incident, calling for influenced users to present information. “Looking for people who were affected by the attack but only received sol or tokens in the wallet and never transacted more than once, I never reused their mnemonic key anywhere else,” he wrote. The Solana Foundation also asked affected users to fill out a survey to help engineers investigating the incident find the root cause.
The total amount stolen is still unknown, although it is believed to be in the millions of dollars.
SOL has suffered from the attack. Per CoinGecko datatrading at $38.55, down 4.4% at press time.
This story is developing and will be updated as further details emerge.
Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.