On Tuesday night, Solana users worldwide were shocked to discover that their internet-connected wallets had been emptied of SOL, USDC stablecoin, and other Solana-based tokens in a so-called supply chain assault.
It was discovered that over 8,000 Solana wallets had been infiltrated, with the perpetrator(s) stealing about $5 million worth of coins and tokens.
Tuesday night, news of the breach surfaced. Solana Status disclosed that around 8,000 wallets had been compromised, while the entire scope of the attack remained unclear. Users of Phantom, Slope, and TrustWallet were targeted.
Some hypothesised that the assault was related to the rights that users may have granted to smart contracts and other platforms in the past. Magic Eden, a marketplace for non-fungible tokens (NFTs) in Solana, has encouraged users to remove authorization for dubious connections. However, this did not seem to help since transactions continued to be appropriately signed, suggesting that users’ private keys had been hacked.
Multiple ecosystems’ engineers determined that the hack was not triggered by a flaw in the Solana core code. Possibly due to deficiencies in the software used by many wallets inside the blockchain ecosystem.
Anatoly Yakovenko, co-founder and CEO of Solana Labs, stated that both iOS and Android users were affected by the supply chain hack. He also requested that impacted users provide information.”
The larger crypto community consistently advised Solana users to move their assets to centralised exchanges or cold storage.
Meanwhile, the Solana Foundation is encouraging people who lost money during the assault to complete a survey that will aid engineers investigating the situation in determining its core cause.