The Solana (SOL) blockchain is currently under attack with many users reporting that their wallets have been drained of funds without consent or knowledge of any transactions.
What we currently know about the Solana hack
At this time it appears that the attack is linked to “hot wallets” on the Solana blockchain including some of the more popular ones like Phantom wallets, Trust wallets and Slope wallets. Many Solana wallet addresses have reported they have fallen victim to the attack and more are expected until the exploit is identified and corrected. The reported missing funds at this time are upwards of $6 million which occurred over a 10 minute time period on August 2nd.
Solana NFT marketplace Magic Eden also confirmed the reports of an ongoing hack and said “seems to be a widespread SOL exploit at play that’s draining wallets throughout the ecosystem”. They then asked users to revoke permissions for any suspicious links in their Phantom wallets. Magic Eden has released a statement on twitter advising its users on how to revoke permissions for links they deem suspicious.
Magic Eden then released a 2nd tweet asking their users to setup a brand new wallet and transfer funds to that new wallet or transfer funds to a ledger cold storage wallet.
A Phantom wallet representative stated that “We are evaluating the incident impacting Solana wallets and are working closely with other teams in the ecosystem to get to the bottom of this. We will issue an update once we gather more information,” and followed up with “The team doesn’t believe this is a Phantom-specific issue at this time.”
Phantom also released a statement via twitter stating that they are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem.
It remains unclear what the root cause of the exploit is, if it is still ongoing or even how far it reaches. Twitter is currently inundated with reports of Solana wallets that have been drained of all funds. We plan to follow the story closely and report on new updates as well as the eventual resolution.