Hackers have targeted the Solana ecosystem, draining crypto funds from thousands of connected wallets. Such attacks are common among blockchain platforms, but the news is still significant given the praise Solana has attracted as one of the faster and cheaper ecosystems for trading digital assets.
Solana’s official Twitter account said that approximately 7,767 wallets had been affected by the attack, including those operated by third-parties Phantom and Slope. The company did not explain the cause of the attack, but noted that there was no evidence that hardware wallets (those not connected to the internet) had been affected.
“Engineers are currently working with multiple security researchers and ecosystem teams to identify the root cause of the exploit, which is unknown at this time,” said the company in a tweet.
An exploit allowed a malicious actor to drain funds from a number of wallets on Solana. As of 5am UTC approximately 7,767 wallets have been affected.
The exploit has affected several wallets, including Slope and Phantom. This appears to have affected both mobile and extension.
— Solana Status (@SolanaStatus) August 3, 2022
On Twitter, however, Solana’s co-founder Anatoly Yakovenko went into a little more detail, suggesting the hack seemed like a supply chain attack targeting both iOS and Android applications (meaning that the attackers exploited some weakness in connected apps or browser extensions).
It seems hackers have been able to steal both Solana’s own cryptocurrency (SOL) and some compatible with the Solana blockchain, like the stablecoin USD Coin (USDC). As the attack is ongoing, the value of the assets stolen is not clear, but reports from independent analysts and security firms suggest it is currently in the high single-digit millions of dollars.