An attack that began on Aug. 2 has so far drained nearly $6 million in assets from almost 8,000 Solana wallets — specifically "hot" wallets that are always connected to the Internet.
According to Elliptic Connect, the attackers have stolen SOL, a few nonfungible tokens (NFTs), and more than 300 Solana blockchain-based tokens. According to the Elliptic report, the bug that enabled the cryptocurrency attack appears to be in the wallet software rather than the Solana blockchain.
Solana, in a series of tweets, confirmed that the breach also affected Slope and Phantom wallets, and it asked any affected customers to provide the compromised wallet address.
"Engineers are currently working with multiple security researchers and ecosystem teams to identify the root cause of the exploit," Solana said in a tweeted announcement of the crypto-wallet breach. "Wallets drained should be treated as compromised, and abandoned."
Users should disconnect their wallets from the Internet if they're configured to be always-connected.