The Solana ecosystem is trending on Twitter for the wrong reasons. Millions of dollars have been drained from Phantom, Slope, and Trust wallets containing SOL and SPL (USDC) in a seemingly ongoing, widespread hack.
At the time of writing, countless users are either reporting on the hack as it happens or reporting that they have lost funds, and advising others to move funds into cold wallets. Phantom retweeted that:
“Engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on Solana. There is no evidence hardware wallets are impacted.”
Emin Gün Sirer, Founder and CEO of Ava Labs, the driving force behind PoS blockchain Avalanche, stated that over 7,000 Solana wallets have been drained, with 20 wallets being drained every minute. He believes that because the transactions are properly signed, the attacker has obtained access to private keys.
“One possible route is a ‘supply chain attack’ where a JS library is hacked, and it exfiltrates (steals) users’ private keys.”
Solana NFT marketplace Magic Eden also took to Twitter to warn of the exploit and instructed Phantom wallet users to revoke permissions for suspicious links, with Phantom still investigating the reported exploits.
With the recent increase in hacks, the crypto community is raising concerns about the security of Solana, compiling a list of reasons it should never be used.
According to blockchain analyst PeckShield, the widespread hack is most likely the result of a “supply chain issue” that has been exploited to steal the user private keys behind the affected wallets. PeckShield stated that the total loss so far is estimated to be around $8 million.
Slope stated that it is currently working with Solana Labs and other Solana-based protocols to identify and resolve the problem, though there have been “no major breakthroughs yet.”