Hackers have targeted the Solana ecosystem, draining crypto funds from thousands of “hot” wallets connected to the internet. Such attacks are common with blockchain platforms, but the news is still significant given the praise Solana has received as one of the faster and cheaper ecosystems for trading digital assets.
It appears that hackers have been able to steal Solana’s own cryptocurrency (SOL) as well as some compatible with the Solana blockchain, such as the USD Coin (USDC) stablecoin. As the attack continues, the value of the stolen assets is not clear, but reports are out independent analysts and Security companies like PeckShield Losses are estimated to be as high as $8 million.
Solana has had security incidents in the past, including bot spam and reported DDOS attacks. Meanwhile, it’s also taking deposits for the Saga phone, which it says will launch next year with support for the network’s built-in decentralized apps.
This does not appear to be a bug in the Solana core code, but in software used by several software wallets popular with users of the network.
Updates will be posted to https://t.co/ivyoIbdCDP as they become available. 2/2
— Solana Status (@SolanaStatus) August 3, 2022
Solana’s official Twitter account says now that approximately 8,000 (up from 7,767) wallets appear to have been affected by the attack, including those operated by third-party providers Phantom and Slope. The company did not explain the cause of the attack, but noted that there was no evidence that hardware wallets (that were not connected to the internet) were affected.
The company’s status update tweeted, “This does not appear to be a bug in Solana’s core code, but rather in software used by several software wallets popular with users of the network.”
However, on Twitter, Solana’s co-founder Anatoly Yakovenko went into more detail and suggested the hack seemed like an attack on the supply chain targeting both iOS and Android applications (meaning the attackers exploited a vulnerability in connected apps or browser extensions). As Decrypt reports, the transactions are signed with users’ private keys, suggesting that the attackers somehow compromised the seed phrase used to secure their wallets.
Update Aug. 2, 9:35am ET: Added latest updates from Solana.