Last week, security researchers announced that they had discovered thousands of compromised Solana wallets. This is a good reminder of the importance of cold storage for savings: if your keys never touch the internet, it is significantly harder to compromise them. Generate keys using well-reviewed open source tools.
There was a significant exploit two days ago in the Solana ecosystem, and just to set the record straight: the Solana blockchain itself was not hacked. There were no critical vulnerabilities in the blockchain itself; rather, there was a compromise in wallet software used by many people in the Solana ecosystem. This was not the main wallet that everybody uses, but a specific wallet that still affected many, many users. Lots of money was taken and drained to an attacker's wallet, and we saw this cross-pollinate to other ecosystems like Ethereum too. After a great deal of work by devs in the Solana ecosystem, the root cause of the exploit was identified: it appears to have originated from the Slope mobile wallet. It is important to note that it had nothing to do with the Solana network; it involved compromised private keys that were created, imported or used in the Slope mobile wallet, and that is why some users with Phantom wallets were also impacted.
So if you had a Phantom wallet and interacted with the Slope application, you could also have been affected. As for the exact point at which the private keys were exposed, an investigation by the Slope team is still ongoing; however, right now it appears that Sentry, an event logging platform, was used to report errors in the app.
Any interaction with the app would trigger an event log, yet Slope did not configure Sentry to strip that sensitive information out, and the result was that mnemonic seeds were leaked. Anyone who used a hardware wallet with Slope or Phantom was completely spared, which shows how important these devices are.
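As an added illustration of the missing configuration described above (not Slope's or Sentry's own code): a scrubbing hook of the shape Sentry's JavaScript SDK accepts as its `beforeSend` option, which redacts seed phrases and base58 keypairs from an event before it leaves the device. The event layout, the regexes and the sample event are assumptions constructed for this example.

```javascript
// Added example, not Slope's or Sentry's code: a hook that redacts wallet
// secrets from an error event before the SDK sends it. Assumption: it is
// wired in as the SDK's beforeSend option, which receives the event and
// returns the (possibly modified) event, e.g.
//   Sentry.init({ dsn, beforeSend: scrubWalletSecrets });
const REDACTED = "[redacted]";
// Keys whose values are secret no matter what they look like.
const SECRET_KEYS = /^(mnemonic|seed|seedphrase|secret|secretkey|privatekey)$/i;
// 12 to 24 lowercase words of 3-8 letters: the shape of a BIP39 phrase.
// Over-matching an ordinary sentence is acceptable; leaking a seed is not.
const MNEMONIC_RE = /^\s*(?:[a-z]{3,8}\s+){11,23}[a-z]{3,8}\s*$/;
// A base58 string long enough to be a 64-byte keypair (about 87-88 chars).
const BASE58_KEY_RE = /^[1-9A-HJ-NP-Za-km-z]{80,90}$/;

function looksSecret(value) {
  return MNEMONIC_RE.test(value) || BASE58_KEY_RE.test(value);
}
// Walk the event and return a redacted copy; the original is left untouched.
function scrub(node) {
  if (typeof node === "string") return looksSecret(node) ? REDACTED : node;
  if (Array.isArray(node)) return node.map(scrub);
  if (node !== null && typeof node === "object") {
    const out = {};
    for (const [key, value] of Object.entries(node)) {
      out[key] = SECRET_KEYS.test(key) ? REDACTED : scrub(value);
    }
    return out;
  }
  return node;
}

// The beforeSend hook: returns the scrubbed event rather than null, so the
// error is still reported, just without the secrets.
function scrubWalletSecrets(event) {
  return scrub(event);
}

// Constructed sample event: an exception whose context carried the seed phrase
// and keypair, as unredacted wallet telemetry could.
const SAMPLE_EVENT = {
  message: "failed to sign transaction",
  extra: {
    mnemonic: "abandon ability able about above absent absorb abstract absurd abuse access accident",
    keypair: "4".repeat(88), // constructed: shape of a base58 64-byte keypair
    publicKey: "ExamplePublicKey111",
  },
  // a 12-word phrase pasted into a text field and captured as a breadcrumb
  breadcrumbs: [{ category: "ui", message: Array(11).fill("zoo").join(" ") + " wrong" }],
};
```

Key-name matching catches the fields a developer attached on purpose; the value heuristics catch secrets that arrive under an innocent name such as a breadcrumb message.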
This wallet hack unleashed a tsunami of FUD over the Solana ecosystem, because at first no one could identify the cause of the vulnerability. The hack didn't come as a surprise to the crypto world. With all of the hiccups, outages and hacks in the Solana blockchain and ecosystem, holding the coin is riskier than people realize. We wouldn't be surprised if it also drops out of the top 10 coins ranking.
When private keys start getting compromised, new levels of panic set in. It also didn't help that, at the time the hack was taking place, Solana RPC nodes were going down. That turned out to be a well-intentioned attempt by white hat hackers to spam the hacker's address with malformed transactions: any transaction that makes a change to an account on the Solana blockchain, such as a balance change, puts a brief write lock on that account.
These white hats were attempting to slow the hacker's ability to exploit it further. While that tactic may have helped, given the volume of people attempting to spam the address, RPC servers started to crash, and some in the Solana community were asking those involved in the DDoS to stop because it was impacting devs' ability to access blockchain explorers and further diagnose the issue. It's a pretty crazy turn of events, but I'm glad to see that the issue was isolated to some poor wallet design and not something on the broader network.