Solana Wallets Are Reportedly Getting Drained to an Unknown Address
The Solana ecosystem seems to be facing an ongoing hack. Users have reported funds being drained from their wallets.
Affected users were reportedly using Trust, Slope, and Phantom wallets. The missing tokens include SOL, USDC, and more. The attack is still on and multiple addresses have been linked to it.
#Solana Hack is trending on Twitter as victims are coming forward to report their loss. As per Twitter user "foobar", the attack is draining native tokens as well as SPL tokens. Accounts that have been inactive for 6 or months are being targeted. However, several new users came forward to report their losses.
Both Slope and Phantom have notified their users about the incident.
“We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue. As soon as we gather more information, we will issue an update,” Phantom said in their tweet.
At the same time, Slope has promised to update users as soon as they have answers. "To all those currently affected by the breach on Solana, please know we are actively working to sort out the issue as rapidly as possible and rectify best we can. We will be in touch as soon as we have answers," Slope said in a tweet. They also mentioned that they were actively working with Solana to resolve the issue.
Meanwhile, Solana has also updated the users through Twitter that the platform is looking into the drain.
Solana has also stated that over 7,767 wallets have been affected. The exploit has affected both the extension and the mobile app.
“There’s no evidence hardware wallets have been impacted – and users are strongly encouraged to use hardware wallets. Do not reuse your seed phrase on a hardware wallet - create a new seed phrase. Wallets drained should be treated as compromised, and abandoned,” Solana updated in a tweet thread.
One of the addresses is “Htp9MGP8Tig923ZFY7Qf2zzbMUmYneFRAhSp7vSg4wxV” which holds over $6 million. Several transactions from unique addresses were directed toward this account.
The wallet has since been blacklisted and halted.
Youness Kasmi, the founder of Private Foxes, has highlighted 2 other wallets draining users’ funds. Kasmi also stated that, "Disconnecting apps from phantom will not help, safest thing to do is send SOL/NFTs to a ledger, if you don't have try to create a new wallet (never used to mint/sign before) and send it there."
Latest speculations claim that it’s a “supply chain hack” that enabled the attackers to access private keys and carry out the exploit.
Update : In a latest tweet, Solana has claimed that the exploit was not a result of a bug in the network's software. The tweet further states that the bug appears to be in the wallets used by Solana users.
"This does not appear to be a bug with Solana core code, but in software used by several software wallets popular among users of the network," Solana's latest tweet says.
We'll update when more information is available.
The information provided on DecentReviews does not constitute investment advice, financial advice, trading advice, or any other sort of advice. Do not treat any of the websites content as such. DecentReviews does not recommend that any cryptocurrency or blockchain asset should be bought, sold, or held by you. Conduct your own due diligence and consult your financial advisor before making any investment decisions.