Solana users across the globe were surprised on Tuesday night to find that their internet-connected wallets were suddenly drained of SOL, USDC stablecoin, and other Solana-based tokens in a so-called supply chain attack.
It came to light that over 8,000 Solana wallets were compromised, with the bad actor(s) making away with almost $5 million worth of coins and tokens.
Details Of The Solana Wallet Hack
Unknown attackers pillaged thousands of Solana wallets.
News of the widespread hack emerged late Tuesday night. Although the full extent of the exploit was still unknown, Solana Status revealed that approximately 8,000 wallets had been affected. The attackers targeted Phantom, Slope, and TrustWallet users.
Some speculated that the attack had something to do with the existing permissions that users may have previously given to smart contracts and other platforms. Solana-based non-fungible token (NFT) marketplace Magic Eden urged users to revoke permissions for suspicious links. This, however, didn’t seem to help as transactions were being signed legitimately, therefore indicating that users’ private keys had been compromised.
Engineers from multiple ecosystems found that the exploit was not caused by a bug in the Solana core code. It was possibly due to vulnerabilities in the software used by several wallets within the blockchain’s ecosystem.
Solana co-founder and Solana Labs CEO Anatoly Yakovenko confirmed that both iOS and Android users were victims of the supply chain attack. He also asked affected users to come forward with information. “Looking for folks who were effected by the attack, but only received sol or tokens into the wallet and never transacted more than once, never reused their mnemonic key anywhere else,” Yakovenko tweeted.
The consistent message to Solana users from the broader crypto community was to transfer their funds to centralized exchanges or cold storage.
Meanwhile, the Solana Foundation is requesting those who lost funds during the attack to fill out a survey to assist engineers looking into the incident to unpack the root cause.
SOL Price Struggles As Investors Lose Confidence
The Solana wallet hack attracted criticism from the investor community, with some industry observers on Twitter suggesting shorting the SOL cryptocurrency. Solana has suffered numerous network outages in the past months that have tarnished its appeal as an Ethereum alternative.
SOL’s price initially plummeted by circa 7% within hours after the hack was reported. The coin has pared some of the losses to the current price of $38.49, or about a 3.28% drop over the past 24-hour trading period.
Nevertheless, such a widespread hack puts an ugly stain on the network’s crumbling reputation.