Today, one of the most curious hacks in the crypto scene happened. More than $6,000,000 in Solana and USDC was stolen from over 8,000 Solana wallets. The hacker used private keys to siphon user funds, which is why it is considered one of the most mysterious hacks in the crypto industry to date. Let’s look at how exactly the Solana hack happened.
Timeline – This is how the Solana hack happened
It all started this morning when some users noticed unusual outflows of funds from Phantom wallets on Solana. Numerous reports then appeared on social media that users were transferring funds out of their wallets en masse. Phantom responded with a statement that this was not a “Phantom-specific issue”.
We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.
As soon as we gather more information, we will issue an update.
A short time later, developer and auditor 0xfoobar found that the hackers were stealing both Solana and USDC from Slope and Phantom wallets.
The best thing to do in such a situation is to revoke access to all linked dApps immediately to reduce the chances of getting hacked yourself.
AVAX co-founder el33th4xor quickly claimed that the attacker had access to private keys and was able to transfer the money. There are two theoretical possibilities for this. On the one hand, the hackers could have carried out a “supply chain attack”. For this, they would have had to hack the JS library and steal the private keys. On the other hand, a browser exploit would also be an option. However, this seems extremely unlikely, since several Internet systems would have to be affected, and only Solana was infiltrated in this hack. In addition, Emin Gün Sirer noted that hardware wallets and tokens on centralized exchanges are not at risk.
After hours of speculation, Solana responded on Twitter that more than 7,767 wallets were affected by the exploit.
Engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on Solana. There is no evidence hardware wallets are impacted.
This thread will be updated as new information becomes available.
Solana RPC nodes fail for no apparent reason
The situation got worse when some RPC nodes started reporting as offline. This suggested that the Solana network was down, prompting more panic on Twitter.
lmao you can't make this up – some madlad started DOSing the hacker which caused the RPC nodes to start failing
FYI – the chain is fine
The reason for this is an alleged counter-attack on the hacker. According to this theory, developers are said to have carried out several DDoS attacks on the nodes in order to slow down the hack. What is worrying, however, is that the exact cause of the failure is still not clear.
Solana Hack – No exact cause or target known so far
Even Solana co-founder Anatoly could not say what the cause and exact goal of the hack were. Most likely, iOS-imported wallets were the main target. The Solana developers are currently asking users for data to try to get to the bottom of the exploit. Solana’s latest update states that the reason for the hack does not appear to be a bug in the Solana core code.
Engineers from across several ecosystems, in conjunction with audit and security firms, continue to investigate the root cause of an incident that resulted in approximately 8,000 wallets being drained. 1/2
It should therefore be noted that the Solana network itself was not hacked; access to the funds was gained only via “third-party” plugins.
Impact on the price of Solana
After the events became known, the cryptocurrency Solana lost around 5%. The hack is a fresh blow to the project’s image and is unsettling investors. In addition, the failure of the RPC nodes is another setback. However, it appears that Solana’s code is not directly affected. This realization is currently calming the market somewhat, and Solana was able to gain almost 5% again, erasing the previous price loss.
Solana prices are currently still up and part of an uptrend. In figure 1 below, we can see how prices are still going higher. Once the $45 resistance is broken to the upside, the Solana price should increase by around 50%.
Crypto Hacks Are On The Rise – How Do I Protect Myself?
Unfortunately, the Solana exploit is no longer an isolated case. The fourth biggest hack in crypto history happened yesterday: an update error allowed more than $190 million to be stolen from the Nomad Bridge. The crypto market has consequently become a popular target for hackers. It is all the more important for small investors to protect their funds in a risky environment. It is particularly striking that hardware wallets are unaffected by almost every hack. That’s why the motto developed in the crypto space: “Not your keys, not your coins.” So if you want to be 100% secure and want to protect your money from hacker attacks or bankruptcies, you should consider a hardware wallet. Only those who keep their coins privately will have a high probability of staying safe from such events.