Solana wallets ‘compromised and abandoned’ as users warned of scam solutions

The cryptocurrency ecosystem has been rocked by a widespread exploit targeting Solana wallets that have been ongoing since Wednesday. Phantom and Slope, two Solana-based wallet services, initially flagged the attack on their social media platforms, alongside a host of cryptocurrency influencers, blockchain analytic and security firms and victims of the hack as it continued to unfold.

A handful of commentators noted that attackers had gained access to user private keys, as transactions were signed on the chain legitimately. Ava Labs CEO and founder Emin Gun Sirer estimated that more than 7,000 wallets had been affected, a number cited by various other individuals and firms online.

As investigations begin to unpack the root cause that allowed an attacker to pillage thousands of wallets, affected users are being warned not to accept help from individuals online purporting to have solutions to the hack. Heidi Chakos, the host of the YouTube channel Crypto Tips, stressed that scammers would be looking to exploit the ongoing situation.

Solana Status has been providing updates since the exploit began and noted that 7,767 wallets had been affected at 5:00 am UTC on Wednesday. Several wallets were affected across mobile and browser extensions.

Solana stressed that users move funds to cold storage and create new seed phrases, while the owners of the nearly 8,000 drained wallets were told that these should “be treated as compromised, and abandoned.”

Engineers from multiple ecosystems are investigating the root cause of the incident with assistance from security firms. Users affected by the exploit are being asked to provide their compromised wallet addresses to the Solana Foundation to assist in the investigation. 

Solana co-founder Anatoly Yakovenko gave the latest update from the Solana team on his Twitter account, highlighting what other blockchain analysts had speculated was a supply chain attack that allowed the hackers to gain access to private keys.

Yakovenko said preliminary investigations showed wallets that had only ever received Solana (SOL) and had no interactions beyond receiving have been affected. The exploit affected both iOS and Android devices and all the affected wallets had their private keys imported or generated on mobile.

Cointelegraph has reached out to Solana for an updated figure of the number of wallets affected by the exploit. It is also unclear whether affected wallets will see funds recouped or refunded after the incident. Data from Dune Analytics currently lists 7,941 wallets that have been affected by the exploit.

Solana wallet platform Solflare told Cointelegraph that it had not suffered any loss of funds and that it was working with other wallet providers to provide support toward a solution. 

The uniform message to SOL holders from the wider cryptocurrency ecosystem is to move funds to cold storage or centralized exchanges and to revoke permissions from trusted apps in wallet settings. Solflare also warned that users with mnemonic seed phrases originating from other wallets were at risk of being exposed.

Source: Read Full Article