Hackers have targeted the Solana ecosystem, extracting cryptocurrency from thousands of connected wallets. Such attacks are common among blockchain platforms, but the news is still significant given the acclaim Solana has received as one of the faster and cheaper digital asset trading ecosystems.
Solana’s official Twitter account said that approximately 7,767 wallets were affected by the attack, including those belonging to third-party Phantom and Slope. The company did not explain the cause of the attack, but noted that there was no evidence that hardware wallets (that were not connected to the Internet) had been affected.
“Engineers are currently working with multiple security researchers and ecosystem teams to identify the cause of the exploit, which is currently unknown,” the company said in a tweet.
An exploit allowed a malicious actor to extract money from a number of wallets on Solana. As of 5 a.m. UTC, approximately 7,767 wallets have been affected.
The exploit has affected several wallets, including Slope and Phantom. This seems to have affected both mobile and extension.
— Solana Status (@SolanaStatus) August 3, 2022
However, on Twitter, Solana’s co-founder Anatoly Yakovenko went into more detail, suggesting the hack looked like a supply chain attack targeting both iOS and Android applications (meaning the attackers exploited a weakness in connected apps or browser extensions).
It appears that hackers have been able to steal Solana’s proprietary cryptocurrency (SOL) as well as some that are compatible with the Solana blockchain, such as the stablecoin USD Coin (USDC). As the attack is underway, the value of the stolen assets is not clear, but reports from independent analysts and security firms suggest it’s currently in the high single-digit millions of dollars.