No matter how much security we find in cryptocurrencies or in the blockchain, the smallest breach can make the difference between having a good portfolio or losing everything. And the latter is what has happened to users who had wallets with Solana, SOL, a well-known currency that, due to a security flaw, has cleaned the wallets of nearly 8,000 users.
The computer attack took place in the early hours of the morning, and although it was initially thought to be aimed directly at Solana’s own blockchain, new research seems to point to a flaw in the software of multiple wallets, such as Slope, Phantom, Solflare and Trust Wallet, among others. others.
An exploit allowed a malicious actor to drain funds from a number of wallets on Solana. As of 5am UTC approximately 7,767 wallets have been affected.
The exploit has affected several wallets, including Slope and Phantom. This appears to have affected both mobile and extension.
— Solana Status (@SolanaStatus) August 3, 2022
Although there is no definitive data on the scope of this computer attack, it is believed that it may have affected about 8,000 cryptocurrency wallets, stealing from them 5.2 million dollars between SOL cryptocurrencies, NFTs and other Solana-based tokens.
It is believed that the flaw is in the wallets, and not in the blockchain, because the transactions are signed with the private key of the owners of the wallets, so, apparently, everything seems even legal.
These transactions are being signed by the current owners, suggesting some sort of private key compromise. pic.twitter.com/UTMq4NWErd
— OtterSec (@osec_io) August 3, 2022
How the attackers got these keys is a mystery. For example, they can come from a supply chain attack, a browser zero-day bug, and even a random number generator problem. The reuse of the keys may also have been allowed, provided that they have been publicly exposed.
They have been emptied for now. more than 7000 Solana wallets, but the computer attack is not over. It is more than likely that hackers are already preparing a second wave of attacks to recover even more money from users’ wallets.
Therefore, we are going to explain how we can protect ourselves.
What to do to protect investments
It’s not the first time something like this has happened, and it probably won’t be the last. Any software that manages such large amounts of money can be exposed at any time, and the risk is immense. For this reason, Solana recommends that all users use cryptocurrencies (especially that they invest with SOL, until the origin of the attack can be fully investigated) is use cold, hardware-based wallets. Instead of being a program as such, these wallets are disconnected from the Internet, and from any computer system, protecting everything inside them. The only recommendation is to change the default initial phrase for another that is the same or more robust to prevent them from attacking us from there.
In case of not having a cold wallet, they recommend taking our Solana cryptocurrencies to a trusted exchanger where they can be safely stored to prevent hackers from accessing our wallets.
Also, it is very important to always keep your software wallets up to date, as well as your browser and any software installed on your PC, to prevent other types of attacks. And always, always, change the default security keys for your own.
