Clues but No Clarity in Mysterious Solana Wallet Hack

The Solana blockchain itself was not compromised, lead developers say, but some 8,000 wallets have lost cryptoassets

article-image

Blockworks Exclusive art by axel rangel

share

key takeaways

  • Founders tweeted there is no issue with the network itself
  • Investors may be advised to move their tokens to cold storage or exchanges

Thousands of Solana users have fallen victim to a mysterious exploit that began draining cryptoassets about 18 hours ago. So far over $5.2 million in assets has been stolen, according to estimates from data firm Elliptic, from nearly 8,000 wallets, as tracked by Dune Analytics. 

In addition to solana (SOL), a handful of Solana NFTs and over 300 Solana-based tokens were pilfered as well.

The root cause is still unclear, but signs point to a common thread among the affected members of the Solana community — they all interacted with the Slope mobile wallet.

Rather than a flaw in the Solana blockchain itself, the exploit likely stems from a bug in hot wallet software, according to Anatoly Yakovenko, Solana Labs co-founder.

Loading Tweet..

Solana Status, the blockchain’s hub for data and system performance, initially pointed the finger at software used by several popular wallets.

Loading Tweet..

Other Twitter users such as @HelpedHope have added to speculation that hot wallets — crypto storage solutions connected to the internet — on various operating systems from both mobile and desktop to iOS and Android were affected, while cold wallets were not.

However, private keys initially generated by another wallet, but then imported into Slope, may have subsequently been leaked, leading to the difficulty pinpointing a chain of events.

In a statement, the Slope team said they are “actively conducting internal investigations and audits, working with top external security and audit groups.”

While acknowledging uncertainties remain as to the cause, they advised all Slope users to “create a new and unique seed phrase wallet, and transfer all assets to this new wallet.”

This hack, while comparatively smaller than others, is significant because the perpetrator was not thought to be a lone actor, and the attack targeted thousands of individual wallets rather than a central source of funds such as an exchange or inter-blockchain bridge.  

Initially promoted as Ethereum’s main competitor, and currently the second-largest blockchain for NFTs after Ethereum, the Solana blokchain has had its share of issues.

Since the beginning of the year, the network has suffered five outages due to consensus failures and has gone offline for multiple hours on end. The latest occurred in June and took 4½ hours to rectify. 

The price of the SOL token has fallen nearly 4% in the past 24 hours, at the time of publication, according to data compiled by Blockworks.

This story was updated on August 3, 2022, at 5:02 pm ET with a statement from the Slope team.


Don’t miss the next big story – join our free daily newsletter.

Tags

Upcoming Events

Hilton Metropole | 225 Edgware Rd, London

MON - WED, MARCH 18 - 20, 2024

Crypto’s premier institutional conference returns to London in March 2024. The DAS: London Experience:  Attend expert-led panel discussions and fireside chats  Hear the latest developments regarding the crypto and digital asset regulatory environment directly from policymakers and experts   Grow your network […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Frax report cover.jpg

Research

Frax saw continued development in its frxETH liquid staking derivative and Fraxlend money market throughout 2023. Frax V3 introduces an RWA strategy to drive utility to the protocol's cornerstone product, the FRAX stablecoin.

article-image

Heron Finance caters to US accredited investors and uses Goldfinch credit markets on the backend

article-image

Bitcoin, up more than 160% year to date, has plenty of steam left in this rally, analysts say

article-image

Nova Labs will hope to grow Helium’s hotspot network to reduce backup coverage costs paid to T-Mobile

article-image

The LinkedIn posting states that the position would “support the Federal Reserve System’s [CBDC] Research and Development program.”

article-image

Both central banks are exploring the impact a CBDC could have on an economy

article-image

Neutron core contributor Dutheil notes this is “a period of consolidation” in the Cosmos ecosystem