Clues but No Clarity in Mysterious Solana Wallet Hack
The Solana blockchain itself was not compromised, lead developers say, but some 8,000 wallets have lost cryptoassets
Blockworks Exclusive art by axel rangel
key takeaways
- Founders tweeted there is no issue with the network itself
- Investors may be advised to move their tokens to cold storage or exchanges
Thousands of Solana users have fallen victim to a mysterious exploit that began draining cryptoassets about 18 hours ago. So far over $5.2 million in assets has been stolen, according to estimates from data firm Elliptic, from nearly 8,000 wallets, as tracked by Dune Analytics.
In addition to solana (SOL), a handful of Solana NFTs and over 300 Solana-based tokens were pilfered as well.
The root cause is still unclear, but signs point to a common thread among the affected members of the Solana community — they all interacted with the Slope mobile wallet.
Rather than a flaw in the Solana blockchain itself, the exploit likely stems from a bug in hot wallet software, according to Anatoly Yakovenko, Solana Labs co-founder.
Solana Status, the blockchain’s hub for data and system performance, initially pointed the finger at software used by several popular wallets.
Other Twitter users such as @HelpedHope have added to speculation that hot wallets — crypto storage solutions connected to the internet — on various operating systems from both mobile and desktop to iOS and Android were affected, while cold wallets were not.
However, private keys initially generated by another wallet, but then imported into Slope, may have subsequently been leaked, leading to the difficulty pinpointing a chain of events.
In a statement, the Slope team said they are “actively conducting internal investigations and audits, working with top external security and audit groups.”
While acknowledging uncertainties remain as to the cause, they advised all Slope users to “create a new and unique seed phrase wallet, and transfer all assets to this new wallet.”
This hack, while comparatively smaller than others, is significant because the perpetrator was not thought to be a lone actor, and the attack targeted thousands of individual wallets rather than a central source of funds such as an exchange or inter-blockchain bridge.
Initially promoted as Ethereum’s main competitor, and currently the second-largest blockchain for NFTs after Ethereum, the Solana blokchain has had its share of issues.
Since the beginning of the year, the network has suffered five outages due to consensus failures and has gone offline for multiple hours on end. The latest occurred in June and took 4½ hours to rectify.
The price of the SOL token has fallen nearly 4% in the past 24 hours, at the time of publication, according to data compiled by Blockworks.
This story was updated on August 3, 2022, at 5:02 pm ET with a statement from the Slope team.
Get the news in your inbox. Explore Blockworks newsletters:
- Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
- Empire: Start your morning with the top news and analysis to inform your day in crypto.
- Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
- 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
- Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
- The Drop: For crypto collectors and traders, covering apps, games, memes and more.
- Supply Shock: Tracking Bitcoin’s rise from internet plaything worth less than a penny to global phenomenon disrupting money as we know it.
