An attack on the Solana blockchain platform drained thousands of wallets. The attackers were successful in stealing cryptocurrency worth millions of U.S. dollars.

About the attack

The attack had impacted more than 7,700 wallets, such as Phantom and Slope. Solana started an investigation to find out how the attackers managed to steal the funds. 
  • A recent count from a blockchain analysis reported the number of affected wallets is 7,936 and the loss of $5.2 million in crypto assets, including NFTs, SOL, and 300 Solana-based tokens.
  • Along with the above-mentioned wallets, some additional wallet users, such as Solflare and Trust Wallet, have been affected as well.

According to the company, the impacted wallets in this attack should be considered compromised and should be moved to other hardware-based secure variants of wallets  (such as cold wallets), which are apparently not affected. 

How did the attack happen?

Researchers suspect various methods could be used by the attackers to drain the wallets.
  • The money-siphoning transactions are signed by the rightful owners, indicating that attackers may have compromised the private keys.
  • Furthermore, the technique used to gain access to private keys could be a supply chain attack, a flawed random number generator used in the key generation process, or a browser zero-day flaw.
  • Another possibility is a nonce reuse bug that could have allowed the attackers to restore people’s secret keys, as long as a signature and the nonce have been exposed publicly.

However, the exact attack vector has not yet been confirmed.

Conclusion

Such an attack may happen again, so do not keep the entire cryptocurrency funds in a hot wallet and only use them for storing smaller amounts. Further, the better part of the assets is advised to be stored in a cold wallet, which should be disconnected from third-party services and the internet.
Cyware Publisher

Publisher

Cyware