Solana, an increasingly popular blockchain known for its speedy transactions, has become the target of the crypto sphere’s latest hack.
An unknown actor had drained funds from 7,767 wallets on the Solana network as of 5am UTC on Wednesday, Solana’s Status Twitter account said. At least four wallets have been identified as associated with the exploit, which has stolen funds of at least $5 million.
Solana spokesperson Chris Kraeuter declined to answer our questions, but referred us to Solana’s Status Twitter account.
The hack has so far affected only “hot” wallets or wallets that are always connected to the internet, allowing people to store and send tokens easily.
Phantom, a fast-growing Solana-based wallet that hit $1.2 billion in valuation in January, said it’s “working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem.”
“At this time, the team does not believe this is a Phantom-specific issue,” the wallet developer says.
The attack has compromised other wallets including Slope, Solflare, and TrustWallet. Wallets drained should be treated as compromised and abandoned, Solana warned as it encouraged users to switch to hardware or “cold” wallets.
The cause of the attack remains unclear, but industry leaders including Emin Gün Sirer, founder of another popular blockchain Avalanche, pointed out that the transactions were properly signed, which means the vulnerability could be a “supply chain attack” that manages to steal users’ private keys.
This is a developing story.