The Solana ecosystem is in the middle of a security emergency as over 7000 wallets were drained by and ongoing hack, and the figure seems to be rising.
Cointelegraph reported on Tuesday that an ongoing widespread Solana wallet compromise was on display, with damage accounting for million dollars.
The figure soared in speed, making “Solana” become the trending search on Twitter.
Solana Holders Blasted
It all started when a large number of users complained that hackers were stealing their funds and warned the community to send funds to cold wallets or centralized exchanges, particularly those using Phantom and Slope wallets.
At the time of issue discovery, there were no specific statistics to be confirmed regarding the number of victims and the total amount of money stolen.
According to blockchain investigator PeckShield, it is estimated that about $8 million from victims was transferred to four unknown digital wallet addresses.
Meanwhile, Ava Labs CEO and founder Emin Gun Sirer said more than 7000 wallets fell victim to Solana’s private key compromise and the number showed no sign of stopping.
It Must be a Great Token!
Solana, Magic Eden, Phantom, and Slope confirmed the attack. The case is still under investigation for further updates and information.
“We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue. As soon as we gather more information, we will issue an update,” Phantom stated.
In a public statement on Solana Status, Solana said that it initially identified the root cause of the attack. It looks like the hackers targeted security flaws in software associated with Solana wallets. The Solana core code, on the other hand, stays safe.
Currently, Solana has not officially announced whether or not to refund the affected people. The attack caused the price of Solana’s SOL token to drop 7.3% during the day, the lowest in a week.
Data on Coinmarketcap shows that Solana’s price rebounded in the evening of the same day but overall the cryptocurrency is still in the red. Experts discovered that in addition to cryptocurrencies, some NFTs were also stolen in the hack but have not been fully documented.
Late last year, the crypto community started to see the Solana network as a close-to-perfect alternative to Ethereum because of its low cost and fast transaction speed.
Transaction fees on the Ethereum network are high, which has led many investors to look for other ways to save money. Solana ecosystem is also home to many emerging running monetization projects like Steph.
But the limitation of this network is that it is not very stable, and hackers often shut it down.
More Hacks Will Come
There is a constant development of attacks in the crypto space at the beginning of August. The attack on the Solana network came just one day after the Nomad bridge hack that resulted in a $190 million loss.
Also on the same day when Solana’s exploits occurred, Github developer Stephen Lucy reported a large-scale malware attack on 35,000 software repositories.
It is in fact cloning open source repositories, a common practice in crypto development. However, it still carries the threat actors as these copies have malicious codes, which could affect developers.
Once a developer is hit by malware, the entire environment variable (ENV) of the script, application, or laptop is sent to the server of the attacker. This also means that they will lose important things like security keys and access keys.
According to experts, when the blockchain industry is through a slow period, there is not a significant amount of money at stake, scam projects are not making money, and hackers will search deeply into the ecosystem of the blockchain to uncover profitable opportunities.
Users should be cautious with their assets at this time, and projects should make use of this time to review vulnerabilities, particularly those that relate to security.
Source: https://blockonomi.com/solana-wallet-exploit-cleans-out-millions-in-seconds/