Home > Security & Privacy
Solana 'Hot' Wallets Are Being Drained In Multi-Million Dollar Attack
Dennis Diatel Photography via Getty Images
August 4th, 2022 | 17:30 PM | 365 views
The bad actor has reportedly emptied over 8,000 internet-connected wallets.
An unknown actor has drained over 8,000 internet-connected wallets in an ongoing attack on the Solana blockchain ecosystem. According to Blockchain auditor OtterSec, the attacks were still ongoing when it posted an update in the evening of August 2nd and that they had affected multiple wallets, including Phantom, Slope, Solflare and TrustWallet, across a wide variety of platforms.
As TechCrunch notes, the bad actor seems to have stolen both Solana tokens and USDC stablecoins, with the estimated losses so far amounting to around $8 million. OtterSec is now encouraging users to move all their assets to a hardware wallet, and the Solana Status Twitter account echoed that advice, adding that there's no evidence "cold" wallets have been impacted.
The Solana Status account has also revealed that an exploit allowed a malicious actor to drain funds from the compromised wallets and that it seems to have affected both their mobile versions and extensions. Engineers from multiple ecosystems have already banded together to work with security researchers to identify the root cause of the exploit, which is yet to be discovered.
People in the crypto industry have several theories, though, with some believing that the bad actors got access to private keys through a supply chain attack, because the attacker was able to sign, or initiate and approve, transactions on behalf of the victims. Others warning that the exploit has caused the widespread compromise of private keys and that revoking wallet approvals won't help at all.
courtesy of ENGADGET
by Mariella Moon
If you have any stories or news that you would like to share with the global online community, please feel free to share it with us by contacting us directly at [email protected]