Global fintech and funding innovation ecosystem

8000 Solana Wallets Drained in Latest Attack

TechCrunch | Rita Liao, Carly Page | Aug 3, 2022

technology workers - 8000 Solana Wallets Drained in Latest AttackAn unknown actor drained funds from approximately 8,000 wallets on the Solana network, Solana’s Status Twitter account said. It’s estimated the loss so far is around $8 million.

The attack — which has only affected only “hot” wallets or wallets that are always connected to the internet, allowing people to store and send tokens easily — does not appear to be limited to Solana. Justin Barlow, an investor at Solana Ventures, reported that his USDC balance was drained as well. Crypto analyst @0xfoobar confirmed that:

“the attacker is stealing both native tokens (SOL) and SPL tokens (USDC)… affecting wallets that have been inactive for less than 6 months.”

See:  First Crypto Store of Its Kind: Solana Opens in New York City

The attack has compromised other wallets including Phantom, Slope and TrustWallet. Initial reports suggested Solflare users were also impacted, but the company tells TechCrunch it has not been affected by this exploit. Wallets drained should be treated as compromised and abandoned, Solana warned as it encouraged users to switch to hardware or “cold” wallets.

The cause of the attack remains unclear, but industry leaders including Emin Gün Sirer, founder of another popular blockchain Avalanche, pointed out that the transactions were properly signed, which means the vulnerability could be a “supply chain attack” that manages to steal users’ private keys. @0xfoobar added that “it’s likely something has caused widespread private key compromise”, and warned that revoking wallet approvals will probably not help.

See:  Code is Law Case: A Hamilton teen ‘hacked’ US$16 million in crypto (while he may not be in the wrong)

The Solana attack comes just hours after malicious actors abused a “chaotic” security exploit to steal almost $200 million in digital assets from cross-chain messaging protocol Nomad. The “free-for-all” attack, which saw more than 41 addresses drain $152 million — 80% of the stolen funds — was made possible by a recent update to one of Nomad’s smart contracts that made it easy for users to spoof transactions.

Continue to the full article --> here


NCFA Jan 2018 resize - 8000 Solana Wallets Drained in Latest AttackThe National Crowdfunding & Fintech Association (NCFA Canada) is a financial innovation ecosystem that provides education, market intelligence, industry stewardship, networking and funding opportunities and services to thousands of community members and works closely with industry, government, partners and affiliates to create a vibrant and innovative fintech and funding industry in Canada. Decentralized and distributed, NCFA is engaged with global stakeholders and helps incubate projects and investment in fintech, alternative finance, crowdfunding, peer-to-peer finance, payments, digital assets and tokens, blockchain, cryptocurrency, regtech, and insurtech sectors. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: www.ncfacanada.org

Latest news - 8000 Solana Wallets Drained in Latest AttackFF Logo 400 v3 - 8000 Solana Wallets Drained in Latest Attackcommunity social impact - 8000 Solana Wallets Drained in Latest Attack

Support NCFA by Following us on Twitter!






NCFA Sign up for our newsletter - 8000 Solana Wallets Drained in Latest Attack




 

Leave a Reply

Your email address will not be published. Required fields are marked *