The Solana ecosystem has become the newest victim of cryptocurrency crime, after more than 8,000 wallets become compromised in what appears to be an ongoing attack as of Tuesday night.
Those with Solana blockchain-based crypto wallets were rudely awakened when funds were unexpectedly withdrawn without their consent from hot wallets such as Phantom, Slope, and TrustWallet. Although it still remains unclear what exactly lead to the compromise, it appears that the cybercriminal was able to sign off on transactions without the wallet owner’s permission, implying that a third-party service may have come under attack.
“We are evaluating the incident impacting Solana wallets and are working closely with other teams in the ecosystem to get to the bottom of this. We will issue an update once we gather more information,” a Phatom spokesperson told CoinDesk. “The team doesn’t believe this is a Phantom-specific issue at this time.”
As of Tuesday night, the hacker already managed to take off with around $5 million worth of SOL, SPL, and several other Solana-based coins. The latest attack, which comes one day after thieves stole $190 million from the crypto bridge Nomad project, has raised concerns about the safety of hot wallets. Although users find such non-custodial wallets to be more convenient for storing, sending, and receiving digital tokens since they are constantly connected to the internet, they are not as secure as cold wallets or USB drives, which need to be connected to a computer in order to conduct transactions.
Information for this briefing was found via CoinDesk and Twitter. The author has no securities or affiliations related to this organization. Not a recommendation to buy or sell. Always do additional research and consult a professional before purchasing a security. The author holds no licenses.
