More than 8,000 wallets have been impacted by the ongoing Solana (SOL) attack, which is thought to have stolen between $4.5 million and $8 million.
Data gathered by cryptocurrency tracking service MistTrack indicates that four addresses connected to hackers have so far stolen digital assets totaling $580 million from over 8,000 wallets.
However, according to MistTrack, $4.5 million worth of SOL, USDC, USDT, BTC, and ETH have been taken, disregarding the value of EXIST “and other shitcoins.”
Based on the current amount of above assets held by the 4 addresses, we estimate the total loss is around ~$4.5M https://t.co/8Ayp1sfd97
— MistTrack🕵️ (@MistTrack_io) August 3, 2022
However, blockchain analyst PeckShield predicted a greater loss, saying:
“With one illiquid shitcoin (only 30 holdings and maybe misvalued $570 million), the loss is now projected to be $8 million.”
Users of popular “hot” wallets connected to the internet, such as Phantom, Slope, and TrustWallet, started complaining that their assets had been taken without their knowledge as soon as the breach got underway. Some impacted customers said that it had been more than 40 days since they last interacted with a contract.
The transactions are being signed by the real owners, according to blockchain auditor OtterSec, which raises the possibility of a compromised private key. They urged all users of the impacted wallets to transfer their funds “to a hardware (wallet) or a centralized exchange.”
Although it appears that users of mobile wallets were mostly affected, the specific cause of the attack is still not entirely clear.
Engineers from several ecosystems are looking into drained wallets on Solana, according to the people behind the platform. They are being assisted by a number of security firms.
They said, “There is no proof that hardware wallets are affected.”
Phantom said that “the team does not feel this is a Phantom-specific issue at this time.”
Anatoly Yakovenko, a co-founder of Solana Labs, claims that only a delegation for a specific token, an auto-approve, or a leaked seed can move money from a wallet on behalf of the user.
“Delegation is not possible since system transfers are taking place. No ‘interaction’ could possibly expose a wallet to risk,” he added.
Later, Yakovenko stated that this appears to have been an attack on the iOS supply chain, noting that imported keys were also compromised.