The Solana network seems to be the victim of an ongoing cyberattack. Over the last few hours, several users have taken to Twitter to report that their Solana holdings have been completely drained.
Data from block explorer, Solana FM backs these reports and shows that the attackers have managed to syphon off more than $5 million so far. The platform has also managed to identify four wallets currently linked to the attack and has posted details of the same on Twitter.
The community has identified these 4 wallets as the hackers & we have tagged them on our explorer.
CEzN7mqP9xoxn2HdyW6fjEJ73t7qaX9Rp2zyS6hb3iEuHtp9MGP8Tig923ZFY7Qf2zzbMUmYneFRAhSp7vSg4wxV5WwBYgQG6BdErM2nNNyUmQXfcUnB68b6kesxBywh1J3nGeEccGJ9BEzVbVor1njkBCCiqXJbXVeDHaXDCrBDbmuy pic.twitter.com/llOJJvpJkV— SMS Solana.FM🔮🔍 (@solanafm) August 3, 2022
What's more alarming is that the attack is still unfolding, and initial reports point to compromised private keys. If this is true, wallet holders could do very little to prevent funds from being stolen.
"As of now, there are over 8,000 victims and counting," tweeted Blockchain audit firm OtterSec. "These transactions are being signed by the actual owners, suggesting some sort of private key compromise," it said in a separate tweet.
At first, it was believed that the attack was limited to Phantom wallets and the popular Solana NFT marketplace Magic Eden. The latter also took to Twitter to warn users, saying, "There seems to be a widespread SOL exploit at play that's draining wallets throughout the ecosystem." The platform also suggested revoking permissions for suspicious links as a safety measure.
Phantom is also looking into the matter. "We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem," it said in a tweet. "At this time, the team does not believe this is a Phantom-specific issue. As soon as we gather more information, we will issue an update."
As more reports surfaced, it became evident that the exploit was not limited to SOL and Phantom wallets. Users have also reported USDC holdings being drained over the last few hours. And latest tweets from OtterSec reveal that attackers are also targeting other wallets such as Slope, Solflare, TrustWallet.
Also Read | A look at how Colombia is using blockchain technology to store and maintain records of its land deeds
Popular crypto analyst 0xfoobar confirmed these developments in a Tweet, saying the attacker was stealing "both native tokens (SOL) and SPL tokens (USDC)" from "Phantom & Slope wallets reportedly". He also pointed out that revoking permissions wouldn't prevent funds from being stolen. Instead, he suggested moving funds to an offline cold wallet to ward off the threat.
This is the second attack in two days. Just yesterday, crypto bridge Noman was hacked, with the attackers syphoning off close to $190 million. SOL dropped 8 percent in the first couple of hours following the attack. However, it has registered a slight recovery since then, trading at $38.54 at the time of writing.
Also Read | A look at some of the top universities that offer cryptocurrency and blockchain programmes
(Edited by : Abhishek Jha)
First Published: Aug 3, 2022 10:53 AM IST
Check out our in-depth Market Coverage, Business News & get real-time Stock Market Updates on CNBC-TV18. Also, Watch our channels CNBC-TV18, CNBC Awaaz and CNBC Bajar Live on-the-go!
Telangana CM violated poll code, defer Rythu Bharosa payment, says Election Commission
May 7, 2024 9:01 PM
Lok Sabha Election 2024: How Indian political parties are leveraging AI
May 7, 2024 6:59 PM