Clues but No Clarity in Mysterious Solana Wallet Hack

The Solana blockchain itself was not compromised, lead developers say, but some 8,000 wallets have lost cryptoassets

article-image

Blockworks Exclusive art by axel rangel

share

key takeaways

  • Founders tweeted there is no issue with the network itself
  • Investors may be advised to move their tokens to cold storage or exchanges

Thousands of Solana users have fallen victim to a mysterious exploit that began draining cryptoassets about 18 hours ago. So far over $5.2 million in assets has been stolen, according to estimates from data firm Elliptic, from nearly 8,000 wallets, as tracked by Dune Analytics. 

In addition to solana (SOL), a handful of Solana NFTs and over 300 Solana-based tokens were pilfered as well.

The root cause is still unclear, but signs point to a common thread among the affected members of the Solana community — they all interacted with the Slope mobile wallet.

Rather than a flaw in the Solana blockchain itself, the exploit likely stems from a bug in hot wallet software, according to Anatoly Yakovenko, Solana Labs co-founder.

Loading Tweet..

Solana Status, the blockchain’s hub for data and system performance, initially pointed the finger at software used by several popular wallets.

Loading Tweet..

Other Twitter users such as @HelpedHope have added to speculation that hot wallets — crypto storage solutions connected to the internet — on various operating systems from both mobile and desktop to iOS and Android were affected, while cold wallets were not.

However, private keys initially generated by another wallet, but then imported into Slope, may have subsequently been leaked, leading to the difficulty pinpointing a chain of events.

In a statement, the Slope team said they are “actively conducting internal investigations and audits, working with top external security and audit groups.”

While acknowledging uncertainties remain as to the cause, they advised all Slope users to “create a new and unique seed phrase wallet, and transfer all assets to this new wallet.”

This hack, while comparatively smaller than others, is significant because the perpetrator was not thought to be a lone actor, and the attack targeted thousands of individual wallets rather than a central source of funds such as an exchange or inter-blockchain bridge.  

Initially promoted as Ethereum’s main competitor, and currently the second-largest blockchain for NFTs after Ethereum, the Solana blokchain has had its share of issues.

Since the beginning of the year, the network has suffered five outages due to consensus failures and has gone offline for multiple hours on end. The latest occurred in June and took 4½ hours to rectify. 

The price of the SOL token has fallen nearly 4% in the past 24 hours, at the time of publication, according to data compiled by Blockworks.

This story was updated on August 3, 2022, at 5:02 pm ET with a statement from the Slope team.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

recent research

Research Report Templates (19).png

Research

Suilend has grown into the top money market and liquid staking provider on Sui. STEAMM, Suilend’s Superfluid AMM, presents a compelling avenue for growing market share within Sui’s DEX landscape and revenue generation for the protocol. Suilend’s multi-product suite position it well for owning market share across key verticals. While current metrics across the Sui ecosystem are likely inflated due to Sui Foundation incentive programs, SEND trades at amongst the lowest multiples in the lend/borrow sector, suggesting that a bull case for continued growth in the ecosystem may be mispriced.

article-image

The stablecoin issuer now plans to offer 32 million Class A common stock shares at a price of up to $28 each

article-image

Let’s go whale watching, Bitcoin style: Investigating the mysterious “12ib7” wallet now worth $3.2 billion

article-image

Bitget’s L2 is undergoing a leadership change and will be helmed by Colin Goltra, formerly the blockchain’s chief growth officer

article-image

The funding was spread out across 61 rounds, a slight dip in both number of rounds and total funding in comparison to other months

article-image

Why is it controversial to say things are better than they used to be?

article-image

Wallchain could make influencer ROI more measurable for Solana businesses