Security News > 2022 > August > Thousands of Solana wallets drained in attack using unknown exploit

An overnight attack on the Solana blockchain platform drained thousands of software wallets of cryptocurrency worth millions of U.S. dollars.
In a statement today, Solana said that at 5 AM UTC the attack impacted more than 7,700 wallets, including Slope and Phantom.
A more recent count from blockchain analysis provider Elliptic puts the number of impacted wallets closer to 7,936 and the losses to $5.2 million in cryptoassets.
Solana says that wallets impacted in this attack should be considered compromised and should be abandoned for the hardware variant - cold wallets, which appear to remain unaffected.
While there is no definitive answer at the moment about how the wallets were drained, multiple voices leaning towards a vulnerability in the wallet software.
"The root cause is still not clear, but it appears to be due to a flaw in certain wallet software - rather than in the Solana blockchain itself" - Elliptic.
News URL
Related news
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)