The Solana community became the newest victims of an all-out hack. Solana users were messaged to move all their funds to cold storage and ignore possible wallet scams. The August 2 exploit involved thousands of Solana-based wallets for a total of roughly $8 million. The stolen money caused a massive panic that sent users flocking to Twitter to notify everybody about the attack.
Wallet services Phantom and Slope were the first to give the word about the attack via social media.
After that, the crypto influencers, security firms, and analysts followed the trail as the hacking continued.
According to analysts, the attackers breached the wallets using private keys for legitimate on-chain transactions. Based on the findings from Ava Labs CEO, Emin Gun Sirer, the breach affected 7000 wallets.
Continuous Alerts Spread Throughout Social Media
Personalities including Heidi (@blockchainchick), Solana Status (@solanastatus), and Solana Labs co-founder Anatoly Yakovenko highly advised all affected users to refrain from contacting individuals who claim to provide solutions to the hack.
According to Yakovenko’s tweet thread, it “Seems like an iOS supply chain attack. Multiple plausible wallets that only received sol and had no interactions beyond receiving have been affected. Android seems to be affected as well. All the confirmed stories so far have had the key imported or generated on mobile. Most of the reports are slope, but a few phantom users as well.”
However, he noted that initial investigations focused on wallets that received SOL tokens.
The studies showed that there were no further interactions beyond the receiving of SOL. The private keys are imported to mobile for all exploited wallets.
As of this writing, more details will be revealed since Solana Labs and all involved firms are sleuthing on the current situation. But, for now, the safest measure is for SOL holders to move their funds to a more centralized exchange or cold storage and decline any permissions from dApps within the wallet settings.