The Solana smart contract project is again plagued with problems after it was discovered that nearly 8,000 Solana-based wallets have been compromised. surveyed owners of the affected wallets, and the team emphasized that “engineers are investigating the root cause.”
Solana investigates massive wallet exploit; root cause of hack still unknown
Solana users, whose chain has been down several times in the past, are dealing with a massive wallet vulnerability that affects certain wallet software, including Phantom and Slope Solana developers and victims discovered the exploit on Tuesday evening (EST) and and the hacker’s method of attack is currently unknown.
blockchain security firm Peckshield noted that said the exploit could have originated from a supply chain attack; Anatoly Yakovenko, co-founder and CEO of Solana Labs, also said the exploit likely originated from a supply chain attack.
“It seems like an iOS supply chain attack; multiple plausible wallets that only receive sol and have no interaction beyond receiving are affected,” Yakovenko wrote . “Android seems to be affected as well. All stories we have seen so far are either key imported or mobile generated. Most of the reports are Slope, but there are a few Phantom users as well,” said Solana Labs CEO added .
Solana has been abused and millions of dollars have been drained from multiple wallets.
Cause of SOL exploit still unknown. pic.twitter.com/uvoUO8yNlO
– Hector Lopez (@hlopez_) is August 3, 2022
The amount of money stolen in the hack is also currently unknown, with security firm Anchain estimating around $5 million and Peckshield estimates it to be around $59} is Solana Status Twitter account describes what the Solana team has discovered so far.
“Engineers from several ecosystems, with the help of several security companies, are investigating the compromised wallets on Solana. There is no evidence that any hardware wallets have been affected,” said the team
The Solana team also left asurvey formfor victims. This survey form asks many specific questions, such as which addresses were affected by the exploit and the type of wallet the user used. Victims must detail exactly when they downloaded the wallet and whether the wallet is an iOS version, Android version, Windows, Mac, or browser version.
One question asks if the victim generated the seed phrase from within the compromised wallet and the survey wants to know when and where the seed phrase was created According to the Solana Hack Survey hosted on the Solana Foundation website, the seed phrase question is “required.”
Solana’s recent wallet exploit follows blockchain issues with block generation in andin September2021. June 2022. Between these two dates, the Solana network had to stop producing a total ofblocks. 104} eight times{106> {105 .
This week’s exploit undermined Solana’s (SOL) market gains, and of the top 10 crypto assets, SOL is the only token that lost value against the USD on Wednesday.SOL was a top 5 contender in the crypto economy a few months ago, and is still in 9th It is.
“Mikkel Mørch, executive director of digital asset investment fund ARK36, told Bitcoin.com News on Wednesday, “Whether the attackers exploited the Phantom wallet vulnerability or some other hidden weakness in the broader Solana ecosystem It is not yet clear at this time whether the attackers exploited the Phantom wallet vulnerability or some other hidden weakness in the broader Solana ecosystem. However, the hack will undoubtedly cast a shadow over the credibility of Solana as a better alternative to Ethereum, especially with regard to security.” It may further boost Ethereum from a narrative perspective as the most secure and trusted defi ecosystem,” Mørch added.
Image credits: Shutterstock, Pixabay, Wiki Commons