Tons of people lost their entire wallet balance in a massive Solana exploit that happened on August 2, 2022. Both native tokens and SPL tokens (USDC) were stolen from TrustWallet as well as Phantom and Slope wallets were reportedly drained. wallets while more than 7,930 The Phantom team spoke up immediately about the hack, claiming that they were trying to get to the root of the problem. There are claims circling around that the Slope mobile wallets were leaking private keys while plenty of people who got drained had both Phantom and Slope wallets and were using their mobile apps. Up to now, no desktop wallets were drained. The first ones to notice the hack was going on were Taiyo Robotic holders who were sitting in a VC with Solport Tom, the project’s owner. Within just 2 minutes, more than $100,000 were stolen. As the night went on, more and more wallet drains were reported. It is worth mentioning that solely in 2022 while the Solana and Binance smart chains were hit the hardest. Last February, the Wormhole bridge (a communication bridge between Solana and other DeFi networks) got hacked. Hackers exploited a signature verification vulnerability and stole about $334 million. This was the second largest hack in DeFi history. hackers stole more than $700 million This SOL exploit was the fifth one this year and, although not the biggest one, it was among the ones that truly raised the dust. For the past 36 hours, more than 200,000 Solana hack-related Tweets were published. Yet, what happened, exactly? From what we know so far, it was an ecosystem-wide vulnerability, not a Phantom or Magic Eden-specific issue but, more likely, a browser-level problem. Revoking permissions for any suspicious links doesn’t help much in situations like this since hackers make it look like the actual owners are the ones signing transfers. Leaked seed phrases could be the reason why assets were transferred from wallets on behalf of users. However, it is still highly advisable you revoke any approvals. Simply log into your wallet, click on the settings tab, and remove approval for all of the trusted apps. We spoke with , head of PR at , the crypto processing and swap service. One of the ChangeNOW ecosystem's products is , and Mike has kindly agreed to shed more light on the matter. Mike Ermolaev ChangeNOW NOW Wallet “ Being drained out of your savings is a horrific thing. Seeing that so many people got affected is even worse. However, this, at the same time, gives us the bigger picture of the situation and, once more, proves the fact that people need more guidance on how to protect their assets and which wallets to use.” With non-custodial wallets, users’ private keys and assets are fully in their ownership and there are absolutely no intermediaries, which means that you are the only bearer of the responsibility for your digital belongings. ”, Mike adds. “Once your private keys are cracked, there’s very little you can do, even if you are using a non-custodial wallet. However, as long as you are making sure that your seed phrase is not stored on your mobile phone or any other device you are using (that has access to the internet), you are good to go. Also, you should be extremely careful about the dApps you are connecting your wallet to and potentially vulnerable browser extensions you are using , Mike spoke about ChangeNOW’s mission to shape a safer environment for everyone in the crypto industry. In one of his past interviews “In November 2021, it returned 600,000 MATIC coins to Eterbase, a Bratislava-based exchange that was hacked in 2020 and lost approximately $5.4 million in cryptocurrency on the day of the hack. Hackers attempted to liquidate the funds through ChangeNOW's swap platform but the funds were frozen by its AML system.” “ is really top-notch. We use a number of sophisticated mechanisms to filter suspicious transactions and detect fraudsters. That’s also how we managed to recover over $19 million of losses related to hacks (just like the one that happened on Solana) and frauds. Will Slope manage to do the same is yet to be seen.” ChangeNOW’s AML system Summary The increasing number of attacks in the crypto space and users losing more than $8 million to hackers during the last one leaves a bad taste in Web3 enthusiasts’ mouths. And, since cybercriminals and malicious individuals are constantly coming up with more advanced methods, it is paramount that we all do our best to prevent users from falling victims to various scams.

USD Coin

Solana

Polygon

Binance

Twitter

2022 - HackerNoon Contributor of the Year - Blogging

2022 - HackerNoon Contributor of the Year - Books

2022 - HackerNoon Contributor of the Year - News

2022 - Hackernoons Tech Storyteller of the Year

Nominated for 2022 - Hackernoons Tech Storyteller of the Year

Nominated for 2022 - HackerNoon Contributor of the Year - Books

Nominated for 2022 - HackerNoon Contributor of the Year - News

Nominated for 2022 - HackerNoon Contributor of the Year - Blogging

Too Long; Didn't Read

Get free API security automated scan in minutes

Massive Solana Exploit Drains $8 Million Worth of Funds 

Massive Solana Exploit Drains $8 Million Worth of Funds

Too Long; Didn't Read

Companies Mentioned

Coins Mentioned

@adam-stieb

RELATED STORIES