Users of Solana and Slope Wallets Were Evaporated in a Suspected Exploit
Users advocate moving SOL tokens to a distributed ledger and deactivating trusted applications such as Magic Eden or staking them.
Users of the Solana digital wallets Phantom and Slope claim that an unknown vulnerability connected to the wallets or associated trusted applications has stolen millions of dollars.
Several users and market players claim that an exploit on the Solana network or through native wallets is draining users’ cash, notwithstanding their disconnection from web browsers and transfer activity. The exact nature of the exploit is yet unknown.
Phantom team notified Blockworks, “We are working together with other teams to investigate a reported vulnerability in the Solana ecosystem.” The unit does not feel that this is a Phantom-specific problem at this time. The amount taken from user wallets cannot be determined now.
Users have reported getting messages indicating they are transferring tokens to an unidentified collection of addresses. It is believed that more than $6 million in SOL has been taken from over 7,760 wallets so far. Blockworks was unable to independently verify the amount stolen immediately.
Similarly, users of the web-based bitcoin wallet Slope have reported a vulnerability. The attacker is believed to have stolen both SOL and Solana Program Library (SPL) tokens.
A Twitter user with the handle @Paladin informed Blockworks that numerous persons acquainted with the matter had their wallets “randomly emptied.”
Paladin pointed to two substantial wallet addresses with a total balance of around 37,777 SOL (approximately $1.5 million) believed to belong to the exploiter. Paladin said that the third wallet with about 2,402 SOL ($95,000) continues to have cash syphoned to its address due to the vulnerability.
The attack seems to affect all Solana-based tokens, with instructions to move money to a distributed ledger, revoke trusted applications like NFT marketplace Magic Eden, or stake them.
Continuous hacking is “fundamentally an impossible challenge,” Immunefi’s CEO Mitchell Amador said in an interview with Blockworks. “We anticipated that events would take this course. Volatility is inherent to cryptocurrencies, therefore the amount of money moving in would rise.”