Imagine experiencing a robbery without knowing the culprit. Yes, very unfortunate scenario. Now, multiply that robbery by a million dollars, think of the situation then. No wonder, you will be petrified. Well, this is the emerging case that comes from the cryptocurrency world.
Knock, knock, who’s there?
On August 3, the Solana network experienced a multi-million dollar hack, the culprits of which remained unknown as of this writing.
Consequently, SOL, the native token of the Solana network, he fell by 3.76% in the last 24 hours as it fell to $38. The incident saw more than 8000 wallets suffer the fallout.
The affected users shared their agony on social media platforms. More than 8000 wallets have been affected so far. And, the hackers managed to steal $580 million. This was allegedly done by the four addresses listed below in the tweet.
MisTrack, a security analyst shared this development.
So far more than 8000 wallets and ~580 million dollars have been stolen from the following 4 addresses.
— MistTrack🕵️ (@MistTrack_io) August 3, 2022
Blockchain researcher PeckShield repeated the illegal activity in question. He also added that the widespread hack was likely caused by a “supply chain issue” which was used to steal users’ private keys.
#PeckShieldAlert The widespread hack on Solana wallets is likely due to the supply chain issue that was exploited to steal/reveal user private keys behind the affected wallets. So far the loss is estimated at $8 million, excluding one illiquid shitcoin (it only has 30 holds and maybe a misvalue of $570 million) pic.twitter.com/aTGNsTc6d8
— PeckShieldAlert (@PeckShieldAlert) August 3, 2022
Related Phantom wallet providers and Magic Eden non-fungible token (NFT) market notified users of the same issue. Phantom, a Solana wallet built for DeFi and NFT, said on Twitter,
We are working closely with other teams to understand a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.
Once we gather more information, we will issue an update.
— Phantom (@phantom) August 3, 2022
Magic Eden confirmed reports earlier in the day on August 3 stating,
“Looks like there is a widespread SOL exploit draining wallets, people should revoke permissions for any suspicious links.”
According to Solana Status research, engineers from several ecosystems, with the help of several security companies, investigated drained wallets in Solana. “There is no evidence that hardware wallets are affected,” the team revealed in a tweet.
Meanwhile, Ava Labs CEO and founder Emin Gun Sirer said the number was 7,000 plus wallets. Well, “a number that increases by about 20 per minute.” As the transactions appear to be properly signed, the attacker likely gained access to private keys.
One possible route is a “supply chain attack” where a JS library is compromised and infiltrates (steals) users’ private keys. Affected wallets appear to have been created within the last ~9 months, but there are reports that recently created wallets are also affected.
— Emin Gün Sirer🔺 (@el33th4xor) August 3, 2022
Binance head Changpeng Zhao (CZ) as well commented on this delicate subject to shed light on this situation.
Shades of certainty
Unfortunately, this isn’t the first time a Solana-related hack has been discovered.
This is not to say that SOL did not see the light at the end of the tunnel.
Despite market conditions, network usage as measured by unique ratepayers continued to trend upward.
On the Solana network, unique ratepayers hit an all-time high of 450,000 in May. That was nearly double the previous all-time high of 280,000 in January 2022.
Specifically, the network averaged about 205,000 unique ratepayers in the first quarter. And, it stabilized at about 320,000 during the second quarter.
The increase in unique fee payers is consistent with the increase in new NFTs, NFT sales and unique NFT buyers.