A security breach has hit the Solana (SOL) ecosystem, resulting in the theft of more than $6 million from over 5,000 users of Phantom and Slope wallets. What precautions should you take to protect yourself
The Solana ecosystem in turmoil
During the night of August 2/3, stories from users of the Solana ecosystem (SOL) poured in on Twitter. These users claimed to have suddenly lost all their cryptocurrencies on their Phantom or Slope wallets.
OtterSec, a company specialising in blockchain auditing, quickly confirmed that an attack was indeed underway on the Solana blockchain:
More than 5,000 Solana wallets have been emptied in the last few hours. These transactions are signed by the actual owners, suggesting some sort of private key compromise. “
Over 5000 Solana wallets have been drained in the past few hours. https://t.co/8XS7oGrJQP pic.twitter.com/oNWgtZm2oS
– OtterSec (@osec_io) August 3, 2022
According to the address data exploited by the hacker, nearly $6.6 million, mainly in SOL tokens and USDC, has already been siphoned off from Phantom and Slope wallet holders.
On Twitter, Phantom reassures its users that this is not a breach of the wallet:
” We are working closely with other teams to investigate a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.
Zachxbt, a self-described “on-chain detective”, spotted the hacker feeding the main wallet associated with this attack through Binance 7 months ago.While Binance can thus trace the identity of the attacker, it may well be a compromised wallet itself.
How to protect yourself effectively
If you have a Phantom or Slope wallet, be careful when logging into it. It is possible that a fraudulent pop-up will appear to compromise your wallet, such as a fake pop-up from Magic Eden stating that you have won an NFT and asking you to install an add-on.
Do NOT allow this extension to be installed in order to preserve the integrity of your wallet.
Next, you should check the permissions granted by your wallet, and revoke any that you find suspicious.
It is also advisable to create a new wallet with a new seed phrase, and then transfer all your non-fungible tokens and cryptocurrencies to it.
As the ultimate and ideal solution to protect your funds, hardwares wallets remain the best way to keep your cryptocurrencies safe, especially if the amounts you hold are large.
An incident like this is yet another reminder of just how necessary the use of a cold wallet is in our ecosystem