Tech

Thousands of Solana wallets drained in multimillion dollar exploit – TechCrunch


Solana, an increasingly popular blockchain known for its fast transactions, has been the target of the crypto sphere’s latest attack after users reported that funds had been drained from wallets. “hot” is connected to the internet.

An unknown actor withdrew funds from 7,767 wallets on the Solana network as of 5 a.m. UTC on Wednesday, Twitter account Solana’s status speak. However, blockchain security firm SlowMist’s crypto tracker determined that more than 8,000 wallets have been withdrawn. Its estimates The loss so far is about $8 million.

The attack – which only affects “hot” wallets, or wallets that are always connected to the internet, allowing anyone to store and send tokens easily – is apparently not limited to Solana. Justin Barlow, an investor at Solana Ventures, report that his USDC balance has also been drained. Cryptocurrency Analyst @ 0xfoobar confirmed that “the attacker is stealing both native tokens (SOL) and SPL tokens (USDC)… affecting wallets that have been dormant for less than 6 months.”

The attack compromised other wallets including Phantom, Slope, Solflare, and TrustWallet. Solana warns that wallets that run out of funds should be considered compromised and abandoned, Solana warns, encouraging users to switch to hardware or “cold” wallets.

Phantom, a rapidly growing Solana-based wallet reached a valuation of $1.2 billion in January, speak it is “working closely with other groups to address the reported vulnerability in the Solana ecosystem”.

“At this time, the team does not believe this is a Phantom-specific issue,” the wallet developer said.

Slope added that they are “actively working to resolve the issue as quickly as possible and fix it as best we can”, while the token is not replaceable (NFT) Marketplace Magic Eden urges users to revoke permissions for any suspicious links in their Phantom wallets.

The cause of the attack is still unclear, but industry leaders include Emin Gün Sirer, founder of another well-known blockchain Avalanche, shown that the transactions were duly signed, meaning the vulnerability could be a “supply chain attack” to steal the user’s private key. @0xfoobar added that “something may have caused a widespread private key breach” and warned that revoking wallet approvals probably won’t help.

Solana spokesman Chris Kraeuter declined to answer our questions but referred us to Solana’s Status Twitter account, which states that the company’s engineers are “currently working with multiple developers.” security research and ecosystem team to determine the root cause of the exploit, currently unknown. “

The Solana attack occurred just hours after the malicious actors abused a “chaotic” security exploit to steal nearly $200 million in digital assets from the Nomad cross-chain messaging protocol. The “free-for-all” attack, which resulted in over 41 addresses spending $152 million – 80% of the stolen funds – was made possible thanks to a recent update to one of Nomad’s smart contracts making it easy for users to forge transactions.

This is an evolving story.





Source link

goznews

Goz News: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably.

Related Articles

Back to top button