Solana Blockchain Faces New Attack Targeting Ghost and Tilt Wallets

After a series of security breaches and exploits over the past few months that negatively impacted investor sentiment, Solana, a layer 1 blockchain, is suffering another attack. The attack has led to a drop in the value of the platform’s native SOL token as well as in investor confidence.

As of this writing, #SOL is trending on Twitter due to an exploit that began on Tuesday, August 2, 2022, and has so far drained up to $8 million from thousands of Solana-based wallets such as Slope and Phantom.

According to the latest report from blockchain audit firm OtterSec, “the attack is still ongoing and over 5,000 Solana-based wallets have been compromised so far.” The numbers are rising as more users continue to report lost funds.

The exact cause of the attack remains unclear

Although the exact cause remains unclear, preliminary reports indicate that the attacker (or group of attackers) is stealing both SOL and SPL (USDC) tokens, primarily targeting Phantom and Slope wallets which have been inactive for over six months.

The hacker somehow gained the ability to initiate and approve transactions on behalf of users (i.e. to sign transactions), suggesting that a third-party service may have been compromised due to an “upstream dependency supply chain attack”.

The most recent report from blockchain investigator PeckShield claims that hackers are exploiting Solana wallets due to a “supply chain issue” to steal users’ private keys. The total number of compromised wallets has exceeded 8,000 and is growing by around 20 per minute. However, since there is no clear answer as to what caused this, the market is flooded with speculation about the root cause.

Data compiled by blockchain tracking platform MistTrack highlights four wallet addresses that may be linked to hackers. These wallets currently hold approximately $5 million in SOL, USDC, USDT, BTC (BTC-USD) and ETH (ETH-USD). Meanwhile, the Solana team has confirmed the breach, revealing that approximately 7,767 wallets have already been compromised.

The Solana team also clarified that this breach affects mobile apps and web extensions in its wallets. Experts urge users to transfer their assets from Phantom and Slope wallets to other cold wallets or centralized exchange wallets in the meantime.

The attack is still ongoing and initial reports indicate that private keys have been compromised. This means that holders of compromised wallets have limited recourse to prevent hackers from making off with their funds. Following the widespread wallet hack, many investors expressed doubts about Solana’s future. Within two hours of the first reports of the hack, Solana’s price dropped 8%.

According to Vidor Gencel, CEO and co-founder of Solflare, “The only thing we know is that based on current incident reports, there has been almost no mention of Solflare and that users of Solflare are safe unless they import their seed phrase into other wallets – then they could be exposed. The whole ecosystem is looking for answers, and we are monitoring the situation closely and will provide updates as soon as possible.”

No substantial progress has been made so far

The Slope and Phantom wallet teams have also confirmed that they are working with Solana Labs and other Solana-powered protocols to get to the root of the problem. However, no substantial progress has been made so far. Solana’s security has come under intense scrutiny, especially given the recent spate of hacks that have drained billions of dollars from the ecosystem.

On the security issues that cloud the promising Layer 1 blockchain, Arthur Breitman, co-founder of Tezos, notes: “Security issues that can affect an L1, from least to most severe: (1) Block censorship; (2) Consensus Security Fault; (3) Deflation bugs; (4) Inflation bugs; (5) Widespread compromise of private keys. The problem with the latter is that there is hardly any attenuation.”

He explains: “Widespread compromise of private keys is usually not related to bugs in the L1 node but in the clients (e.g. wallet). Forking, stopping the chain or whatever doesn’t help, because the only way to authenticate users is to know their private key. Once it got out, it got out.”

As for potential solutions, Arthur points out, “The only realistic mitigation would be to branch off and have centralized service re-provisioning keys via thorough identity checks to deter misrepresentation. Do it pragmatically for larger holders and bail out smaller ones via inflation.”


