There are reports on crypto Twitter of Solana (SOL) funds being drained from wallets connected to online apps, rather than being on a Ledger.
CIA Officer (@officer_cia), an independent crypto security researcher with 22,000 followers has advised unlinking browser-based Solana wallets from all internet sites, and moving funds to a new clean wallet.
Solana Hacking – Safety Tips
Big news – @Solana hack!
In an unknown way scammers are withdrawing $SOL from the wallets of ordinary users right now!
The amount of stolen funds currently exceeds $5 million. I recommend unlinking your wallet from all sites so they don't have access to your assets! pic.twitter.com/NVI5ULeCdB
— CIA Officer (@officer_cia) August 2, 2022
The thread above contains several other reports from affected users and possible hacker addresses on Solscan. Some have reported the exploit affects wallets linked to Solana NFT marketplace Magic Eden, and other sites such as SolaLand.
Solana wallets such as Phantom and Slope are commonly used as Chrome extensions, within internet browsers as an alternative to hardware wallets. The current advice is to move funds to an offline cold storage wallet such as a Ledger, or to at least create a new online software wallet not associated with any Dapps online.
The Solana price is currently down 8% in the past 24 hours, more than Bitcoin and Ethereum, losing the $40 level and dropping under $38 at the time of writing.
There seems to be a widespread hacking throughout the Solana ecosystem Here is what you need to do
— STEPN | Public Beta Phase V (@Stepnofficial) August 3, 2022
Update – Solana blockchain based app STEPN (@Stepnofficial) have also tweeted a PSA on the Solana hacking and some advice on what actions to take to keep funds secure.
Magic Eden (@MagicEden) have also advised revoking permissions of apps within the Phantom wallet ‘trusted apps’ settings.
Phantom (@phantom) tweeted: ‘We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.’
Some crypto Twitter accounts estimate the amount of SOL drained to have exceeded $6 million.
NB – accounts offering crypto fund recovery services on social media over DM are also scammers, beware of impersonators claiming to be able to retrieve stolen funds, whether Solana or other tokens.
Related
- Best Crypto Wallets
- Best Cold Storage Wallets
- Best Hardware Wallets
- Phantom Wallet Unveils NFT Feature, Protecting Users From Scams
- Best NFT Presales to Invest
Battle Infinity - New Metaverse Game
- Listed on PancakeSwap and LBank - battleinfinity.io
- Fantasy Sports Themed Games
- Play to Earn Utility - IBAT Rewards Token
- Powered By Unreal Engine
- Solid Proof Audited, CoinSniper Verified