780 million yen worth of Solana and related tokens leaked from thousands of cryptocurrency wallets
Solana blockchain. It turns out that the attack was not related to the core code of the Solana blockchain, but to wallets used for trading cryptocurrencies.
From the night of August 2 to the morning of August 3, 2022, an incident occurred in which hundreds of millions of yen worth of Solana and other Solana-based tokens were leaked from thousands of cryptocurrency wallets compatible with the
Over $5.8 Million Drained in Solana Wallet Exploit | Elliptic | Elliptic Connect
Thousands of Solana wallets drained in attack using unknown exploits
Thousands of Solana wallets drained in multimillion-dollar exploit | TechCrunch
Solana Hack Blamed on Slope Mobile Wallet Exploit - Decrypt
On the night of August 2, 2022, Solana and USDC, a stablecoin against the US dollar, were leaked from many cryptocurrency wallets compatible with the Solana blockchain. In response to this incident, Solana said that engineers from multiple ecosystems began investigating the cause, and also reported that as many as 7,767 cryptocurrency wallets were affected as of 5 a.m. UTC. increase.
An exploit allowed a malicious actor to drain funds from a number of wallets on Solana. As of 5am UTC approximately 7,767 wallets have been affected.— Solana Status (@SolanaStatus) August 3, 2022
The exploit has affected several wallets, including Slope and Phantom.
Blockchain analytics provider Elliptic reports that 7,947 wallets were affected, with total damage reaching $5.8 million. Looking at the breakdown, USDC is 2.6 million dollars (about 350 million yen), Solana is 1.8 million dollars (about 240 million yen), and the rest are other Solana-based tokens and NFTs, totaling 4 of cryptocurrency wallets are linked to the attack.
The target was primarily mobile cryptocurrency wallets, and the attackers somehow acquired the ability to sign cryptocurrency transactions and arbitrarily transfer cryptocurrencies from the wallets. Tech media outlet Bleeping Computer speculates that the attacker compromised the private key because the fraudulent transaction was signed by the rightful owner.
A victim named @gostak_gm commented to CoinDesk, a virtual currency-related media, ``I received a notification that ``I sent all Solana from my wallet'' when I was wearing sunglasses again. In addition, @gostak_gm said that although the cause of the remittance was unknown, most of the funds were stored in a cold wallet isolated from the Internet, so serious damage was avoided.
Initially, there was speculation that the attack was linked to multiple cryptocurrency wallets and NFT marketplaces, but it was reportedly ultimately caused by the Solana blockchain-powered Slope wallet. The Solana official account said that the private key was mistakenly sent to the application monitoring service for some reason, although the specific cause is unknown.
This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.— Solana Status (@SolanaStatus) August 3, 2022
While the details of exactly how this occurred are still under investigation, but private key information was inadvertently transmitted to an application monitoring service.
Slope, a cryptocurrency wallet service, has also released an official statement, admitting that several Slope wallets have been compromised. It should be noted that it was the software wallet that was infringed, and there was no problem with the hardware wallet. Slope encourages all users to create a new wallet with a different seed phrase and transfer cryptocurrencies to the new wallet.
See below for our official statement on the breach situation (now posted to our Medium).— Slope (@slope_finance) August 3, 2022
We empathize with everyone affected, and are doing our best to solve and rectify the situation. https://t.co/E9xrKbdLOy
Cryptocurrency wallets other than the Slope wallet have also suffered damage, but another cryptocurrency wallet, Phantom, claims that the culprit is Slope wallet account import.
1/ Phantom has reason to believe that the reported exploits are due to complications related to importing accounts to and from @slope_finance .—Phantom (@phantom) August 3, 2022
We are still actively working to identify whether there may have been other vulnerabilities that contributed to this incident. https://t.co/W5B19gbMJX