Hot wallets on Solana blockchain drained of over $5.2 million in a matter of hours

'Wallets drained should be treated as compromised, and abandoned,' said the blockchain

The fast and cheap crypto ecosystem Solana was exploited on August 2nd, with more than 8,000 digital hot wallets drained of over $5.2 million, according to blockchain analytics firm Elliptic.

Stolen funds include the blockchain’s native $SOL token, the $USDC token (stablecoin), a small number of NFTs and roughly 300 other small Solana-based tokens.

According to the blockchain’s official Twitter status page, the exploit hasn’t necessarily affected the blockchain but, rather, hot wallets connected to the internet, like Phantom wallet, Trust Wallet and Slope on both mobile and web extensions. “This does not appear to be a bug with Solana core code, but in software used by several software wallets popular among users of the network,” reads the tweet.

The blockchain also suggests that only hot wallets were compromised, whereas hardware wallets or wallets on tier 1 exchanges were unaffected. While the root cause of the exploit still hasn’t been deduced, many, including Solana co-founder Anatoly Yakovenko, are pointing to an iOS supply chain attack.

“Wallets drained should be treated as compromised, and abandoned,” said the blockchain, which is like saying that those funds are now lost, and users won’t likely get them back.

The exploit comes only a day after Nomad blockchain’s swap bridge was exploited for more than $200 million.

Source: Elliptic