Solana Wallets Targeted in Latest Multimillion Dollar Hack

The Solana ecosystem appears to be falling victim to the latest cryptocurrency mining spree, with users reporting that their funds have been accidentally drained from internet-connected "hot" wallets including Phantom , Slope and TrustWallet.
The attack is still ongoing and more than 8,000 wallets have been compromised so far according to blockchain auditors OtterSec. Several Solana addresses were involved in the attack (1, 2, 3,
), with these wallets hoarding at least $5 million in SOL, SPL, and other Solana-based tokens from users no doubt.
The exact cause of Tuesday night's attack remained unclear throughout Tuesday night, although it appears to have primarily affected mobile wallet users. This striker is somehow capable of signing (ie initiate and approve) transactions on behalf of users, suggesting that a trusted third-party service may have been compromised in a so-called supply chain attack.
Engineers from multiple networks have discovered that the bug is not related to Solana's core code but to the software used by multiple software wallets, according to a tweet from SolanaStatus.
The attack is sure to rekindle a long-running debate about the security of hot wallets, which are always connected to the internet to provide users with a convenient way to send, store, and receive cryptocurrency. death. Cold wallets - USB sticks that need to be plugged into a computer to sign transactions - are touted as a safer, if less convenient, alternative.
"We are evaluating the issue affecting the Solana wallet and working closely with other teams in the ecosystem to understand the issue. We will post an update as we gather more information,” a representative of Phantom, Solana’s largest hot wallet, told CoinDesk in a statement. "The team does not believe this is a Phantom-specific issue at this time."
Some users initially suspected that the attack could be linked to transactions on Magic Eden's Solana-based Inability Token Market (NFT), although the connection became should be less obvious as the attack continues. The market tweeted warning users to revoke permissions to their wallets to avoid being hacked. He also suggested users "[m] move it all to a cold wallet/ledger."
Twitter continues to be inundated with reports of Solana users noticing tokens suddenly being emptied from their accounts.
“I was fixing my sunglasses when I received a push notification from my mobile wallet that I had deposited all the SOL in my wallet,” community member Solana @gostak_gm told CoinDesk. "It's my primary active wallet, so I've connected it to multiple web and mobile extension wallet providers, as well as multiple dapps. I'm not sure what could be the root cause. I glad most of my coins are cold wallet.
It is unknown at this stage if the vulnerability is limited to the Solana blockchain to DefiLlama - which has gained popularity over the past year due to fast transactions and low fees. Its native token, SOL, dropped
% in the hours following the attack.