Crypto Hack Spree Sees Millions Stolen In Just Days - And It's Still Ongoing

A new Solana ecosystem crypto hack has left thousands of users with emptied wallets, and it's still ongoing. On August 2, 2022, the first owners of wallets connected to Solana reported that their funds were actively being stolen, and as the day went on, more and more reports came flooding in. The cause of the hack is still unclear, and as such, it cannot be stopped, but one thing is certain: millions of dollars are already gone, with more to follow unless the root of the problem can be pinpointed soon.

Solana is based on a decentralized blockchain, which means that it's a ledger of sorts: a system in which each and every cryptocurrency transaction is recorded and has to be confirmed in a peer-to-peer network before it can go through. Being decentralized means that the funds do not belong to any single organization and the control over the blockchain is split. Although Bitcoin and Ethereum are larger than Solana, the latter is still amongst the biggest cryptocurrencies, and it operates its own network that supports other crypto coins, such as USDC, a so-called stablecoin pegged to the value of the U.S. dollar.

It seems that in this attack, most of the affected users lost money in Solana's native token SOL as well as USDC. As for the current losses, the reports vary, but it's clear that we're talking about numbers roughly equivalent to millions of dollars. Crypto analyst Miles Deutscher estimates $6 million, but security firm PeckShieldAlert claims it might be more than $8 million. There is no telling just how much money will be lost by the time the attacker is finally stopped.

Almost 8,000 wallets were drained

Aside from the aforementioned coins, over 300 other Solana-based tokens have been stolen alongside a few non-fungible tokens (NFTs). As reported by Fortune, most of the affected crypto wallets were so-called "hot wallets," which means they were connected to the internet. These wallets are often regarded as less secure than "cold wallets," also known as "hardware wallets," which do not require an internet connection and are more difficult to compromise. In the case of the Solana attack, the following three wallets saw the biggest losses: Phantom, Slope, and Trust Wallet.

Austin Federa, the head of communications at the Solana Foundation, told Fortune: "This does not appear to be a bug with Solana core code, but in software used by several wallets popular among users of the network." This statement is echoed throughout various publications that report that the hacker was able to accept the wallet-draining transactions on behalf of the account owners. The co-founder of Solana, Anatoly Yakovenko, claimed on Twitter that the hack could be a "supply chain attack," meaning the attacker targeted a third-party vendor as opposed to the Solana platform itself.

While experts involved in various ecosystems are trying to assist Solana in stopping the attack, the general advice for users is to move their funds to an offline wallet. Solana Status on Twitter said that there has been no evidence of hardware wallets being impacted. The same account is also expected to be posting updates on the state of things as new information emerges.