A security vulnerability impacting the Solana ecosystem has reportedly seen at least $6 million in SOL, SPL and other tokens drained across wallets. The attack is still ongoing.
The vulnerability was first reported by Twitter user Solport Tom.
Massive exploit/drain going on with Solana seeing it live in Taiyo tons of people losing their whole balance out of no where.
Move everything to a ledger NOW.
Two wallets reported:
— Tom 《TYR》 (@SolportTom) August 2, 2022
Four Solana addresses are suspected to be linked to the attack. Crypto tracking and compliance platform, Mist Track, estimated that as much as $580 million worth of cryptocurrency had been stolen from 8,000 wallets and then dispersed among four separate wallet addresses. However, their is widespread scepticism in crypto commmunity regarding this number.
Scam Detective ZachXBT revealed that the hackers initially funded the wallet via Binance seven months ago. The wallet remained dormant until the hackers conducted transactions with four wallets right before the attack started.
NFT marketplace Magic Eden tweeted to confirm reports of a “widespread SOL exploit at play” warning users to revoke permission for any suspicious links in their Phantom wallets to avoid being hacked.
🚨🚨🚨There seems to be a widespread SOL exploit at play that's draining wallets throughout the ecosystem
Here's what you can do right now to best protect yourself
1. Go to >Settings on your @phantom wallet
2. >Trusted Apps
3. >Revoke Permissions for any suspicious links
— Magic Ethen 🪄 (@MagicEden) August 3, 2022
While Phantom tweeted that it was “working with other teams to get to the bottom of the issue”, they did not believe that it was a Phantom-specific issue.
We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.
As soon as we gather more information, we will issue an update.
— Phantom (@phantom) August 3, 2022
Slope released a similar statement stating that the team was actively working to address the issue.
To all those currently affected by the breach on Solana, please know we are actively working to sort out the issue as rapidly as possible and rectify best we can.
We will be in touch as soon as we have answers.
— Slope (@slope_finance) August 3, 2022
Nevertheless, it is unclear at this point whether the vulnerability is only limited to the Solana Blockchain.
Crypto Twitter user and crypto developer foobar reported that both Phantom and Slope wallets that have been inactive for >6 months were being affected. Crypto auitor OtterSec tweeted “these transactions are being signed by the actual users, suggesting some sort of private key compromise.”
It is suspected by some users that the hack could be related to transactions on Magic Eden’s Solana-based NFT marketplace.
Solana’s value has seen a drop of 8% in the first two hours following the first reports of the exploit. The Solana team has yet to issue an update on social media.