Over 5,000 Wallets Have Been Hacked On The Solana Network
An attacker appears to be draining SOL and SPL tokens in an apparent exploit on the Solana network, impacting users of internet-connected “hot” wallets.
The Solana ecosystem appears to be the victim of crypto’s latest exploit, with users reporting that their funds have been drained without their knowledge from major internet-connected “hot” wallets including Phantom, Slope and Trust Wallet.
Solana auditor OtterSec tweeted this evening that more than 5000 Solana wallets have been drained in the past few hours, corroborating numerous reports from people on Twitter claiming their balances have disappeared. OtterSec’s analysis showed the transactions were signed by the owners, which the auditor said suggested a private key compromise.
Several Solana addresses have been linked to the attack so far (1, 2, 3, 4), with those wallets draining at least $5 million worth of SOL, SPL, and other tokens from unsuspecting users.
“We are evaluating the incident impacting Solana wallets and are working closely with other teams in the ecosystem to get to the bottom of this. We will issue an update once we gather more information,” a representative of Phantom said in a statement. “The team doesn’t believe this is a Phantom-specific issue at this time.”
Some users initially suspected the hack could be related to transactions on Magic Eden’s Solana-based non-fungible token (NFT) marketplace, though the source of the exploit has yet to be confirmed. Magic Eden did not respond to CoinDesk’s request for comment, but tweeted a warning for users to revoke permissions from its wallet to avoid being attacked.
???There seems to be a widespread SOL exploit at play that's draining wallets throughout the ecosystem
Here's what you can do right now to best protect yourself 1. Go to >Settings on your @phantom wallet 2. >Trusted Apps 3. >Revoke Permissions for any suspicious links
Twitter is flooded with reports of Solana users noticing that tokens have suddenly been drained from their accounts.
“I was getting my sunglasses refit when I got a push notification from my mobile wallet that I had sent all the SOL from my wallet,” said Solana community member @gostak_gm. “It was my main hot wallet, so I had it connected to lots of different mobile and web extension wallet providers as well as a lot of dapps. Not clear to me what could have been the root cause. Glad to have most of my funds on a cold wallet.”
It is unclear at this point whether the vulnerability is limited only to the Solana blockchain. A Trust Wallet and Slope wallet user reported losing USDC on both Solana and Ethereum.
For reference I haven't interacted with any contracts at all in ~40 days. My ERC-20 and SPL USDC held on both @slope_finance and @TrustWallet were drained
