Security News > 2022 > August > Thousands of Solana wallets drained in attack using unknown exploit
An overnight attack on the Solana blockchain platform drained thousands of software wallets of cryptocurrency worth millions of U.S. dollars.
In a statement today, Solana said that at 5 AM UTC the attack impacted more than 7,700 wallets, including Slope and Phantom.
A more recent count from blockchain analysis provider Elliptic puts the number of impacted wallets closer to 7,936 and the losses to $5.2 million in cryptoassets.
Solana says that wallets impacted in this attack should be considered compromised and should be abandoned for the hardware variant - cold wallets, which appear to remain unaffected.
While there is no definitive answer at the moment about how the wallets were drained, multiple voices leaning towards a vulnerability in the wallet software.
"The root cause is still not clear, but it appears to be due to a flaw in certain wallet software - rather than in the Solana blockchain itself" - Elliptic.
News URL
Related news
- Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)
- Emergency patch: Cisco fixes bug under exploit in brute-force attacks (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)