Another day, another crypto hack. Only that this time, the latest widespread attack has targetted private keys and the exact extent of the damage caused is still unknown.
The hackers targetted Solana users with millions of funds being withdrawn from thousands of wallets.
On-chain data shows that the estimated losses so far are around $8 million from over 7,000 compromised wallets. And according to Ava Labs CEO and founder Emin Gun Sirer, this number has been rising at around 20 per minute.
While the attack vector remains unknown, it is reported that the hack could potentially be due to a “supply chain issue” which was exploited to steal user private keys behind affected wallets. This information was given by prominent blockchain security expert PeckShield.
The attacker managed to get hold of both native tokens (SOL) and SPL (USDC) from hot wallets. And it is worthy of note that, the majority of wallets that were targeted have been inactive for over six months.
Solana-based hot wallets such as Phantom and Slope are major targets and users have been warned by experts to transfer their funds into offline cold wallets.
Anonymous blockchain sleuth, zachxbt, also observed that the wallet of the hacker received funds via Binance seven months ago.
However, it was dormant before the attack, and 10 minutes before the event, four different wallets were used by the hacker.
The breach was confirmed by Solana and it was revealed that about 7,767 wallets were affected by the breach.
Slope also confirmed that it is currently working with Solana Labs and other Solana-based protocols to get to the root of the problem.
Featured image source: cryptonews.com