More than 8,000 Solana wallet addresses have been compromised. The modus operandi of the attack remains unknown and millions of dollars are being siphoned off at the time of this writing.
GROUND hack in progress
The affected wallets are Phantom, Slope and TrustWallet… The hackers’ addresses received funds seven months ago from Binance. Either after the exchange has introduced the KYC procedure. It’s a start of the trail…
Eight million dollars in SOL, SPL and other Solana-backed tokens were stolen. This figure is increasing from hour to hour.
The origin of the hack remains mysterious for the moment. The Phantom wallet has made it known that the flaw does not seem to come from their home. But one thing is for sure, those responsible for this theft have somehow obtained access to private keys that allow transactions to be “signed”.
The wisest thing at the moment is to transfer all your funds to a “cold” wallet. We also recommend that you disable all permissions for applications connected to your Phantom wallet and others.
As a reminder, a hot wallet is a wallet permanently connected to the internet. Especially if its user often uses other NFT protocols, from challenge and others smart contracts which are connected to it. This is the case with the Phantom wallet.
This hack comes just two days after that of the NOMAD protocol which allows you to create smart contracts connecting several blockchains. The famous ” bridges “which are almost always at the origin of hacks. The equivalent of $190 million in Ethereum and USDC were stolen…
According to the blockchain analysis company Elliptic, more than a billion dollars were stolen via these “bridges” in 2022. And, surprise, ethereum would be concerned again if we believe Austin Federa, spokesman for Solana :
“Many things remain unknown at this stage but we know that physical wallets are not affected. There are also many reports of compromised ETH wallets, but it is not clear whether this is related to this problem or not. »
This is what happens when we keep changing protocols and create smart contract gas plants connecting several programming languages. The flaws multiply and inevitably cause dramas.
Unfortunately, the “crypto” looks more and more like a giant scam under the guise of “technological innovations” of dubious utility, surfing on the mirage of NFTs, the “web 3” and other chimeras.
It’s time for developers to go through the prison box.
Receive a digest of the news in the world of cryptocurrencies by subscribing to our new daily and weekly newsletter service so you don’t miss anything essential Cointribune!
Journalist reporting on the Bitcoin revolution. My papers deal with bitcoin through geopolitical, economic and libertarian prisms.
