Clues but No Clarity in Mysterious Solana Wallet Hack

The Solana blockchain itself was not compromised, lead developers say, but some 8,000 wallets have lost cryptoassets

article-image

Blockworks Exclusive art by axel rangel

share

key takeaways

  • Founders tweeted there is no issue with the network itself
  • Investors may be advised to move their tokens to cold storage or exchanges

Thousands of Solana users have fallen victim to a mysterious exploit that began draining cryptoassets about 18 hours ago. So far over $5.2 million in assets has been stolen, according to estimates from data firm Elliptic, from nearly 8,000 wallets, as tracked by Dune Analytics. 

In addition to solana (SOL), a handful of Solana NFTs and over 300 Solana-based tokens were pilfered as well.

The root cause is still unclear, but signs point to a common thread among the affected members of the Solana community — they all interacted with the Slope mobile wallet.

Rather than a flaw in the Solana blockchain itself, the exploit likely stems from a bug in hot wallet software, according to Anatoly Yakovenko, Solana Labs co-founder.

Loading Tweet..

Solana Status, the blockchain’s hub for data and system performance, initially pointed the finger at software used by several popular wallets.

Loading Tweet..

Other Twitter users such as @HelpedHope have added to speculation that hot wallets — crypto storage solutions connected to the internet — on various operating systems from both mobile and desktop to iOS and Android were affected, while cold wallets were not.

However, private keys initially generated by another wallet, but then imported into Slope, may have subsequently been leaked, leading to the difficulty pinpointing a chain of events.

In a statement, the Slope team said they are “actively conducting internal investigations and audits, working with top external security and audit groups.”

While acknowledging uncertainties remain as to the cause, they advised all Slope users to “create a new and unique seed phrase wallet, and transfer all assets to this new wallet.”

This hack, while comparatively smaller than others, is significant because the perpetrator was not thought to be a lone actor, and the attack targeted thousands of individual wallets rather than a central source of funds such as an exchange or inter-blockchain bridge.  

Initially promoted as Ethereum’s main competitor, and currently the second-largest blockchain for NFTs after Ethereum, the Solana blokchain has had its share of issues.

Since the beginning of the year, the network has suffered five outages due to consensus failures and has gone offline for multiple hours on end. The latest occurred in June and took 4½ hours to rectify. 

The price of the SOL token has fallen nearly 4% in the past 24 hours, at the time of publication, according to data compiled by Blockworks.

This story was updated on August 3, 2022, at 5:02 pm ET with a statement from the Slope team.


Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Screenshot 2024-05-23 091855.png

Research

Bitcoin L2s aim to boost scalability while preserving decentralization and security, unlocking a better user experience, and new avenues for Bitcoin-powered innovations. However, no existing Bitcoin L2 leverages the full security of Bitcoin.

article-image

Also, toncoin could be crypto’s next blue-chip token

article-image

I believe that the innovation happening on Bitcoin right now is what will ultimately lead to a better Bitcoin for everyone

article-image

The payments firm is exploring PYUSD’s payments use cases

article-image

Planned funds would not stake their holdings, which some say will hurt the ETFs’ appeal for certain investors

article-image

Solana validators voted in favor of a proposal that would send 100% of priority fees to validators

article-image

In November, an iteration of the survey found that 34% of respondents were paying attention to crypto, but that figure has since jumped to 41%