780 million yen worth of Solana and related tokens leaked from thousands of cryptocurrency wallets



From the night of August 2 to the morning of August 3, 2022, an incident occurred in which hundreds of millions of yen worth of Solana and other Solana-based tokens were leaked from thousands of cryptocurrency wallets compatible with the

Solana blockchain. It turns out that the attack was not related to the core code of the Solana blockchain, but to wallets used for trading cryptocurrencies.

Over $5.8 Million Drained in Solana Wallet Exploit | Elliptic | Elliptic Connect
https://hub.elliptic.co/analysis/over-5-8-million-drained-in-solana-wallet-exploit/

Thousands of Solana wallets drained in attack using unknown exploits
https://www.bleepingcomputer.com/news/security/thousands-of-solana-wallets-drained-in-attack-using-unknown-exploit/

Thousands of Solana wallets drained in multimillion-dollar exploit | TechCrunch
https://techcrunch.com/2022/08/03/solana-wallet-hack/

Solana Hack Blamed on Slope Mobile Wallet Exploit - Decrypt
https://decrypt.co/106680/solana-hack-blamed-slope-mobile-wallet-exploit

On the night of August 2, 2022, Solana and USDC, a stablecoin against the US dollar, were leaked from many cryptocurrency wallets compatible with the Solana blockchain. In response to this incident, Solana said that engineers from multiple ecosystems began investigating the cause, and also reported that as many as 7,767 cryptocurrency wallets were affected as of 5 a.m. UTC. increase.



Blockchain analytics provider Elliptic reports that 7,947 wallets were affected, with total damage reaching $5.8 million. Looking at the breakdown, USDC is 2.6 million dollars (about 350 million yen), Solana is 1.8 million dollars (about 240 million yen), and the rest are other Solana-based tokens and NFTs, totaling 4 of cryptocurrency wallets are linked to the attack.



The target was primarily mobile cryptocurrency wallets, and the attackers somehow acquired the ability to sign cryptocurrency transactions and arbitrarily transfer cryptocurrencies from the wallets. Tech media outlet Bleeping Computer speculates that the attacker compromised the private key because the fraudulent transaction was signed by the rightful owner.

A victim named @gostak_gm commented to CoinDesk, a virtual currency-related media, ``I received a notification that ``I sent all Solana from my wallet'' when I was wearing sunglasses again. In addition, @gostak_gm said that although the cause of the remittance was unknown, most of the funds were stored in a cold wallet isolated from the Internet, so serious damage was avoided.

Initially, there was speculation that the attack was linked to multiple cryptocurrency wallets and NFT marketplaces, but it was reportedly ultimately caused by the Solana blockchain-powered Slope wallet. The Solana official account said that the private key was mistakenly sent to the application monitoring service for some reason, although the specific cause is unknown.



Slope, a cryptocurrency wallet service, has also released an official statement, admitting that several Slope wallets have been compromised. It should be noted that it was the software wallet that was infringed, and there was no problem with the hardware wallet. Slope encourages all users to create a new wallet with a different seed phrase and transfer cryptocurrencies to the new wallet.



Cryptocurrency wallets other than the Slope wallet have also suffered damage, but another cryptocurrency wallet, Phantom, claims that the culprit is Slope wallet account import.



Related Posts:

in Software,   Web Service,   Security, Posted by log1h_ik