Thousands of Wallets Compromised in Ongoing Solana-Based Hack

The hackers have targetted Solana users with millions of funds being drained from thousands of wallets.

On-chain data shows that, so far, the losses have been estimated to be around $8 million from over 7,000 compromised wallets. This number has been rising at around 20 per minute, according to Ava Labs CEO and founder Emin Gun Sirer.

• The attack vector remains unknown, but, according to the prominent blockchain security expert PeckShield, the hack could potentially be due to a “supply chain issue” that was exploited to steal user private keys behind affected wallets.
• The attacker managed to nab both native tokens (SOL) and SPL (USDC) from hot wallets. Notably, a majority of the them that were targeted have been inactive for more than six months.
• Solana-based hot wallets such as Phantom and Slope have been targeted and experts have warned users to transfer their funds into offline cold wallets.
• Anonymous blockchain sleuth, zachxbt, observed that the wallet of the hacker was funded via Binance seven months ago.
• Moreover, it was dormant before the attack, and four different wallets were used by the hacker around 10 minutes before the event.
• Solana confirmed the breach and revealed that there are some 7,767 wallets affected by the breach.

Engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on Solana. There is no evidence hardware wallets are impacted.

This thread will be updated as new information becomes available.

— Solana Status (@SolanaStatus) August 3, 2022

• Slope has also confirmed that it is currently working with Solana Labs and other Solana-based protocols and teams to get to the bottom of the issue.