Another day, another crypto hack – and I do mean that literally.
Just a day after a massive hack resulted in roughly $190 million of crypto assets missing from the Ronin crypto bridge, Solana users appear to be targeted by a widespread hack, with crypto assets being drained from their wallets.
The details of the hack are unclear at this point, though it appears that some users of software Solana wallets, including Phantom and Slope, are having funds drained from them. According to Solana’s official “status” account on Twitter, “approximately 7,767 wallets have been affected,” and it’s happening for users of both the mobile wallets and the browser extensions.
“Engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on Solana. There is no evidence hardware wallets are impacted,” wrote Solana.
The solution at this point, according to Solana, is to use a hardware wallet with a new seed phrase, and transfer the funds there. There’s a big issue with this solution, though: Not all users have a hardware wallet, which is a physical device that offers more security for your crypto assets than a software wallet such as Phantom.
Phantom said on Twitter that it “does not believe this is a Phantom-specific issue.” The company says it will share more information as soon as it can.
UPDATE: Aug. 3, 2022, 3:21 p.m. EDT
Security expert @HelpedHope, who's been working with the Solana team to track down the issue, chimed in with a few additional details. While he claims that there's no "clear explanation yet," he reiterated that the Solana network is "fine."
Given that the attack is not on a specific wallet provider but on multiple wallets and on multiple operating systems on both mobile and desktop, it might take a while for the exact cause to be found. In the meantime, according to Dune Analytics, 7,945 wallets have been compromised.
UPDATE: Aug. 4, 2022, 8:04 a.m. EDT
It appears that the main culprit could be Slope wallet and its mishandling of seed phrases. If this is accurate, it means that only users who have used Slope are affected. Slope issued an official statement, saying that a full post-mortem is coming; in the meantime, users are advised to move their funds to a hardware wallet.