Key Takeaways:
- Solana’s price fell dramatically within hours, and it is reported that more than 5,000 wallets are affected.
- The fact that the owners themselves are signing these transactions raises suspicions of a compromised private key.
Late Tuesday night, an unidentified assailant stole Solana and USDC worth countless millions of dollars from thousands of wallets. The attack, which was still active at 8:00 PM PST, appeared to come from the Phantom wallet on the Solana browser and was thought to have compromised user keys. It may have involved seed phrases that were repurposed by various wallets on various chains.
As of now (1, 2, 3, 4), several Solana addresses have been connected to the attack, and those wallets have stolen at least $5 million worth of SOL, SPL, and other tokens from unwary users. The attack is still progressing.
In the last few hours, “over 5,000 Solana wallets have been depleted,” according to blockchain auditing company OtterSec. The fact that the owners of these transactions are signing them suggests a compromised private key.
Preliminary reports specifically called out the Solana ecosystem and the Phantom browser wallet. As of this writing, the news has already caused an 8% decline in Solana’s valuation in the last two hours.
Crypto investor and analyst Miles Deutscher stated that an unidentified $SOL exploit was currently draining arbitrary Phantom wallets. “$6 million is currently being stolen. Make sure to remove all permissions and transfer your funds to a hardware wallet if you have money on Phantom.”
Popular Solana NFT marketplace Magic Eden also posted a warning about the flaw on Twitter.
The account claimed that “there appears to be a widespread SOL exploit at play that’s draining wallets throughout the ecosystem.” Magic Eden gave instructions on how to disable permissions for dubious links in the tweet.
Phantom tweeted that it is closely collaborating with other teams to address a disclosed vulnerability in the Solana ecosystem. The team currently does not think that this is a Phantom-specific problem, and said it will release an update as soon as it has more data.
Twitter is jam-packed with accounts of Solana users discovering that their token balances have mysteriously vanished. It seems that Solana is not the only target of the attack. Another user said that his USDC balance had also been depleted.