Cyberattackers Drain Nearly $6M From Solana Crypto Wallets

So far, the ongoing attack has impacted nearly 8,000 Solana hot wallets.

Dark Reading Staff, Dark Reading

August 3, 2022

1 Min Read
Image of physical Solana coin
Source: Diamond Visuals via Alamy Stock Photo

An attack that began on Aug. 2 has so far drained nearly $6 million in assets from almost 8,000 Solana wallets — specifically "hot" wallets that are always connected to the Internet. 

According to Elliptic Connect, the attackers have stolen SOL, a few nonfungible tokens (NFTs), and more than 300 Solana blockchain-based tokens. According to the Elliptic report, the bug that enabled the cryptocurrency attack appears to be in the wallet software rather than the Solana blockchain. 

Solana, in a series of tweets, confirmed that the breach also affected Slope and Phantom wallets, and it asked any affected customers to provide the compromised wallet address

"Engineers are currently working with multiple security researchers and ecosystem teams to identify the root cause of the exploit," Solana said in a tweeted announcement of the crypto-wallet breach. "Wallets drained should be treated as compromised, and abandoned."

Users should disconnect their wallets from the Internet if they're configured to be always-connected.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights