The initial reports from Solana put the number of impacted wallets at over 7,700, but the latest news from Elliptic puts the number around 8000. The total lost funds is close to $5 million. The flaw could have been caused by software outside the wallet infrastructure. CertiK said the attack came from several different addresses.
The hardware wallet and wallet not connected to the internet were not impacted by the hack, according to Solana. The company said that all the wallet that was drained should be set adrift, burned, or whatever other way users wish to say goodbye to their coins.
The network's own token, SOL, as well as theUSD stable coin, were claimed by hackers.
Users were advised to use a cold hardware wallet instead of leaving it exposed to the pirates. White Hat hackers are trying to slow down the hack by attacking their own server, according to Solana's website. A survey was included for those users who said their accounts were affected.
Anatoly Yakovenko wrote that the attack could be connected to the apps on the phones. He pointed a finger at Apple and Google for security breeches, though he admitted they haven't narrowed it down to any connected apps.
The attacker signed for wallet's actual keys, suggesting that there is a compromise of users' private keys. According to BleepingComputer, that could mean a supply chain attack, but it could also be a zero-day flaw in browsers.
It appears that affected addresses were at one point created, imported, or used in Slope mobile wallet applications.
Slope wrote in a statement that a group of their wallet were compromised, but they are still looking into the cause.
Other teams working on the Solana platform are ready to jump down Slope's throat even though they don't know what happened. Phantom wallet said in a statement that they have reason to believe that the reported exploits are due to problems with imported accounts. We are trying to determine if there were other vulnerabilities that contributed to this incident.
We won't know until the hack is done and the Solana developers are left standing.
At 11:30 a.m., there will be a new update. The post has been updated to include additional comments from Solana.