A Major Exploitation of Solana Blockchain Begins to Drain Phantom Wallets, SOL Down 4%

by Arthur · August 2, 2022

<br />

Ethereum Layer-1 competitor Solana has faced a major exploit on its platform according to the latest reports. According to details, thousands of Phantom wallets have been compromised with hackers stealing anywhere upwards of $6 million. There are more than 7000+ wallets affected and also rising at 20/min.

Although the exact numbers are not known, this is just a random estimate from people familiar with the matter. For users who have their money in Phantom’s hot wallets, it would be best to send money to an exchange or move it to a hardware wallet.

In their recent update, Solana said they have been monitoring the incident. However, there is no evidence that any hardware wallet has been compromised. The official one announcement notes:

Engineers from multiple ecosystems, with help from multiple security firms, are investigating drained wallets on Solana. There is no evidence that hardware wallets are affected.

Phantom Investigating the Matter, SOL Tanks 4%

Phantom, the Solana-based wallet for DeFi and NFTs, has investigated the matter. Also, they’ve said that the exploit issue doesn’t seem specific to the Phantom. In its official announcement, Phantom noted:

We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. Currently, the team does not believe this is a Phantom-specific issue. As soon as we gather more information, we will provide an update.

Over the past year, the Solana blockchain network has been exposed to several exploits. This has affected Solana’s reputation to some extent. Following the recent exploit, Solana’s original cryptocurrency SOL has come under pressure. As of press time, SOL is trading down 3% to a price of $30.09 with a market capitalization of $13.5 billion.

Ava Labs founder Emin Gun Sirer shared his opinion on the nature of the wallet exploits. He noted:

One possible route is a “supply chain attack” where a JS library is hacked and it exfiltrates (steals) users’ private keys. Affected wallets appear to have been created within the last ~9 months, but there are reports that newly created wallets are also affected.

Many people have suggested a faulty random number generator. This seems very anachronistic. 10 years ago, maybe. But we now know what not to do during private key generation. So I would be shocked if the hacker “cracks” the keys due to lack of entropy.

Bhushan is a FinTech enthusiast and has a keen flair for understanding the financial markets. His interest in economics and finance draws his attention to the emerging markets of blockchain technology and cryptocurrency. He is continuously in a learning process and stays motivated by sharing his acquired knowledge. In his spare time, he reads thriller novels and sometimes explores his culinary skills.

The content presented may include the author’s personal opinion and is subject to market conditions. Do market research before investing in cryptocurrencies. The author or publication bears no responsibility for your personal financial loss.