Solana has a system-wide security hole


On the morning of August 3, Twitter account OtterSec, the moderator on Solana, reported that more than 5,000 Solana users’ wallets had been withdrawn in the last few hours.

Initially, some investors discovered that many crypto addresses on Solana had been massively withdrawn from Phantom and Slope wallets. However, there is no official confirmation yet.

“Some vulnerabilities in Phantom Wallet and Magic Eden, net withdrawal of 6 million USD in 10 minutes, it seems that all Phantom wallets are affected”

Regarding the cause of the incident, OtterSec said that these transactions were signed by the owner of the crypto wallet, which suggested a private key vulnerability.

Account “oxfoobar”, the crypto analyst said, “the attacker stole both SOL and SPL tokens. It appears that wallets that have been active in the last six months are affected, oxfoodbar said.

What worries people is that this is not an isolated vulnerability, but it seems that all Phantom and Slope e-wallets are affected.

Even Magic Eden admitted that Solana was experiencing a large-scale security incident that could lead to the loss of assets from users’ wallets. The NFT exchange also advises users to revoke suspect apps from the Phantom wallet.

The blockchain game project Star Atlas also has a similar warning for the community.

Phantom said it is working with other project teams on the issue while still believing this is not the project’s fault.

To deal with this situation, many people have advised users to revoke or stop licensing strange applications. However, others argue that this makes no sense because the transaction is signed by the user himself and not transferred by a third party.

According to a Twitter account named “foobar”, the only safe way is to transfer all assets to a cold wallet.

After the information was shared, SOL dropped more than 9% in value in 2 hours to $37.43.


Please enter your comment!
Please enter your name here