The Solana ecosystem appears to be facing an ongoing exploit, as several of its users are reporting that their funds have been drained without their knowledge through their Solana-based wallets, including Phantom, Slope, and Trust Wallet.
According to the crypto tracker of SlowMist, a blockchain security firm, more than 8000 individual users’ wallets have been exploited so far, for a total of $580 million worth of cryptocurrency. Moreover, the tracker noted that the amount was sent to four wallet addresses.
At the time of writing, countless users on crypto Twitter are either posting about the hack or reporting that they have lost funds themselves. This includes CIA Officer, an independent crypto security researcher, who has advised wallet owners to unlink their browser-based Solana wallets from all internet sites and move their funds to a new, clean wallet.
Further, Magic Eden, a Solana-based non-fungible token (NFT) marketplace, is among those that have commented on the issue, stating that it “seems to be a widespread SOL exploit at play” and that it is working with other teams to get to the bottom of the issue. They also called on users to revoke their permissions for any suspicious links in their Phantom wallets, their main wallet provider, although they say they still do not “believe this is a Phantom-specific issue”.
Meanwhile, Slope wallet stated that it is currently working with Solana Labs and other Solana-based protocols to figure out the issue and rectify it. However, they noted that there were “no major breakthroughs yet.”
On the other hand, Emin Gun Sirer, Ava Labs CEO and founder, stated that the number of affected users was more than 7,000 and rising at around 20 per minute. He believes that, as the transactions appear to be signed properly, “it is likely that the attacker has acquired access to private keys.”
However, according to Kristian Quirapas, a Solana developer from the Philippines, there are currently multiple opposing views, none of which pinpoints a single cause.
“But it seems the most probable cause right now is a vulnerable library used in applications/wallets that was exploited, allowing hackers to get a hold of the private keys,” Quirapas said, adding that Solana’s engineering team is still investigating.
Some reports suggest that users should turn off their computers to avoid becoming victims of the exploit, but Quirapas doubted that this applies to the Solana hack.
“Turning off your computer would help if an attacker was hijacking your system from a remote location like a ‘backdoor’ and using your system to make transactions with your account. If you turn off your system, you close connections with the attacker. I doubt that this is the case for the current Solana hack.”
“Also, if private keys are compromised and they have a copy of your private key, turning off your computer wouldn’t help at all because they can just use it anytime they want,” Quirapas concluded.
This article is published on BitPinas: Filipino Solana Developer Explains How the Phantom Wallet Hack May Have Occurred