After it was found that nearly 8,000 Solana wallets had been compromised, the Solana smart contract project continues to struggle. Solana is asking victimized wallet owners to complete a survey and the team stressed that “engineers are investigating the root cause.”
Solana investigates massive Wallet Exploit. The Root Cause Of This Hack is Still Unknown
Solana users now face a serious wallet vulnerability. It affected certain wallet software, such as Phantom and Slope. Solana developers and victims discovered the exploit on Tuesday evening (EST) and the hacker’s method of attack is currently unknown.
Peckshield is a blockchain security company noted that it’s possible the exploit stemmed from a supply chain attack. Anatoly Yakovenko, cofounder of Solana Labs and CEO said that the exploit was likely to have been derived from supply chain attacks.
“Seems like an iOS supply chain attack. Multiple plausible wallets that only received sol and had no interactions beyond receiving have been affected,” Yakovenko wrote. “Android seems to be affected as well. The key was either imported on mobile or generated by it in all confirmed cases. Most of the reports are Slope, but a few Phantom users as well,” the Solana Labs CEO added.
Solana has been victim to an exploit that drains millions of dollars from her multiple accounts.
It is not known what caused the SOL exploit. pic.twitter.com/uvoUO8yNlO
— Hector Lopez (@hlopez_) August 3, 2022
Presently, the amount of stolen funds from the hack is also unknown, as the security firm Anchain estimated the hack to be around $5 million, and Peckshield’s estimate was around $8 million. It is believed that the hack involved approximately $5 million in stolen funds. Peckshield’s estimate was around $8 million. Solana StatusThe Solana Team’s latest discoveries were explained by a Twitter account.
“Engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on Solana. There is no evidence hardware wallets are impacted,” the team said.
Also, the Solana team left victims a survey that asked a few specific questions. These included what address was affected and what wallet type the victim used. Victims will need to provide information about the date and time they downloaded the wallet, as well as whether the wallet was for iOS, Android or Windows.
The survey will ask victims whether they created a seed sentence from the wallet. It also wants to know when and where it was created. The seed phrase question is “required,” according to the Solana hack survey hosted on the Solana Foundation’s website.
Solana’s recent wallet exploit follows the blockchain’s issues with block production in September 2021 June 2022. Between those two dates, Solana’s network had to stop block production a total of eight times.
The exploit this week has damaged solana’s (SOL) market gains and out of the top ten crypto assets, SOL is the only token down in value against the U.S. dollar on Wednesday. SOL has fallen to the ninth place, after being a prominent crypto-economy player a few months before.
“It is not yet clear at this time whether the attackers exploited a vulnerability in the Phantom wallet or some other hidden weakness in the broader Solana ecosystem,” Mikkel Mørch, the executive director at the digital asset investment fund ARK36 told Bitcoin.com News on Wednesday. “But the hack will definitely cast a shadow over Solana’s credibility as a better alternative to Ethereum – especially when it comes to security. It may even give Ethereum some additional boost from the narrative perspective as the safest and most reliable defi ecosystem,” Mørch added.
Let us know your thoughts on the Solana exploit that affected nearly 8,000 SOL-based wallets. Please comment below to let us know your thoughts on this topic.
Images CreditsShutterstock. Pixabay. Wiki Commons
DisclaimerThis article serves informational purposes. This article is not intended to be a solicitation or offer to sell or buy any product, service, or company. Bitcoin.com doesn’t offer investment, tax or legal advice. This article does not contain any information, products, or advice that can be used to cause or alleged result in any kind of damage.