reply on: 🧵Widespread Solana exploit draining wallets throughout the ecosystem 🚩🚩 \ stacker news ~bitcoin

0 sats \ 9 replies \ @cryptocoin OP 3 Aug 2022 \ on: 🧵Widespread Solana exploit draining wallets throughout the ecosystem 🚩🚩 bitcoin

We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.

As soon as we gather more information, we will issue an update.

https://twitter.com/phantom/status/1554626111535026177 https://nitter.it/phantom/status/1554626111535026177 <-- Shows the thread in a single, easy-to-read, web page

0 sats \ 8 replies \ @cryptocoin OP 3 Aug 2022

1/2

Hmm Solana hack seems to:

-Not be via program(contract) -Have hit a few wallets, but not many major ones -Not just be Phantom

My best first guess would be some sort of shared library had a malicious update that is letting the tx sign once a wallet is unlocked.

https://twitter.com/adamscochran/status/1554628443878350851 https://nitter.it/adamscochran/status/1554628443878350851 <-- Shows the thread in a single, easy-to-read, web page

0 sats \ 7 replies \ @cryptocoin OP 3 Aug 2022

I can’t believe I’m sending my fund from a “non-custodial” wallet to my exchange account just to protect it. Good job #Solana 🤦🏻🤦🏻🤦🏻

https://twitter.com/CyanOnChain/status/1554641593927286784 https://nitter.it/CyanOnChain/status/1554641593927286784

0 sats \ 6 replies \ @cryptocoin OP 3 Aug 2022

There's also been evidence of this issue affecting ETH users, although it seems less widespread.

https://twitter.com/JustinBarlow/status/1554623496897957888

https://twitter.com/osec_io/status/1554638382898495488 https://nitter.it/osec_io/status/1554638382898495488

0 sats \ 5 replies \ @cryptocoin OP 3 Aug 2022

There's an ongoing attack targeting the Solana ecosystem right now. 7000+ wallets affected, and rising at 20/min. Because it's very early and the attack is ongoing, there's a lot of misinformation and speculation. So here are a few thoughts and clarifications.

https://twitter.com/el33th4xor/status/1554656344036126720 https://nitter.it/el33th4xor/status/1554656344036126720

0 sats \ 4 replies \ @cryptocoin OP 3 Aug 2022

So far more than 8000 wallets and ~$580M were stolen by the following 4 addresses.

[...]

https://twitter.com/MistTrack_io/status/1554656463603531776 https://nitter.it/MistTrack_io/status/1554656463603531776

0 sats \ 3 replies \ @cryptocoin OP 3 Aug 2022

This Tweet kicks off a thread where he tries to narrow it down to two reasons:

So this wallets being drained are all closed source software.

Classic.

https://twitter.com/nvcoelho/status/1554737291838590976 https://nitter.it/nvcoelho/status/1554737291838590976

0 sats \ 2 replies \ @cryptocoin OP 3 Aug 2022

This Tweet kicks off a thread with a summary so-far:

Seeing a lot of speculation on the hack still. After helping coordinate a SOL Security room for the last 12+ hours and speaking to multiple wallet peoviders, here are some things for the public to keep in mind. Core to everything: we do not have a clear explanation yet. Now, a 🧵

https://twitter.com/HelpedHope/status/1554812859737165824 https://nitter.net/HelpedHope/status/1554812859737165824

0 sats \ 1 reply \ @cryptocoin OP 3 Aug 2022

[UPDATE from Solana]

This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.

While the details of exactly how this occurred are still under investigation, but private key information was inadvertently transmitted to an application monitoring service. 2/3

https://twitter.com/SolanaStatus/status/1554921397717180416 https://nitter.it/SolanaStatus/status/1554921397717180416

view replies