As malicious actors drained nearly $8m (£6.6m) from wallets on the Solana (SOL) network in an ongoing attack, users have been advised to take measures to protect their funds.
The attack has affected Solana-based wallets Slope and Phantom. Users of Phantom were recommended in a tweet to revoke permissions in the application's settings, by the team from Magic Eden, a non-fungible tokens (NFT) marketplace on Solana.
SOL to US Dollar
????????????There seems to be a widespread SOL exploit at play that's draining wallets throughout the ecosystem— Magic Ethen ???? (@MagicEden) August 3, 2022
Here's what you can do right now to best protect yourself
1. Go to >Settings on your @phantom wallet
2. >Trusted Apps
3. >Revoke Permissions for any suspicious links
Developers from Slope, Phantom, and Solana identified vulnerability as originating from Slope: “After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications,” Solana tweeted.
What is your sentiment on BTC/USD?
2/ In the meantime, if any Phantom users have also installed other wallets, we recommend you try to to move your assets to a new non-Slope wallet with a fresh seed phrase.— Phantom (@phantom) August 3, 2022
Not a network attack
In an official statement, the team from Slope wrote: “While we have not fully confirmed the nature of the breach, in the spirit of safeguarding our user base, we recommend ALL Slope users do the following: Create a new and unique seed phrase wallet, and transfer all assets to this new wallet.”
“Again, we do not recommend using the same seed phrase on this new wallet that you had on Slope,” they added.
A seed phrase is a combination of 12 randomly selected words, which functions as a recovery password.
Phantom echoed the Slope's recommendation in a tweet: “If any Phantom users have also installed other wallets, we recommend you try to move your assets to a new non-Slope wallet with a fresh seed phrase.”
Hardware wallets have not been compromised, according to Solana and Slope developers.
‘The depth of the exploit is yet to be completely fathomed’
While developers from Solana, Phantom, and Slope are investigating the scope of the attack, more is yet to come, Vladimir Gorbunov, Founder and CEO at Choise.com, MetaFi ecosystem says the Solana hack has kept the protocol on its toes .
"While it shows how generally insecure DeFi can be, the tag that the hack originated from the Slope wallet has given more investors a platform to be careful of.
With many of the users losing hard-earned money, the depth of the exploit is yet to be completely fathomed.
While no operational model is immune to hacks, the incessant attack of DeFi protocols is largely making CeFi look more secure. As such, we may see the usage of trusted centralized storage services providers skyrocket in the near future.”
Gorbunov said that Solana share price did not suffer in the midst of the ongoing attack, as CEO of one of the biggest cryptocurrency exchanges FTX (FTT), Sam Bankman-Fried, stood by the network:
this is a good example of how something can be under-rated— SBF (@SBF_FTX) August 3, 2022
a random dAPP gets compromised and it's blamed on the underlying blockchain. (To be clear, no core or internal infra had any issues! It was just a single third-party application some people used...)
in other news... https://t.co/je6r9v4jmj pic.twitter.com/bMJHRULgJB
FTT to US Dollar
“Surprisingly, Solana’s price appears unaffected as the coin is trading at $39.22, up 2.09% in the past 24 hours. The price may be unaffected in the long term as industry heavyweight Sam Bankman-Fried seems to have come out to defend the protocol following the hack, a move that helps restore confidence,” Gorbunov said.
“Based on these events, Solana has not completely lost its positive outlook in the broader DeFi ecosystem. However, the innovators within its fold and the broader industry will need to do better in order not to lose their goodwill across the board,” he added.