Solana exploit enters second day as CEO points to attack on Apple hot wallets

Solana exploit enters second day as CEO points to attack on Apple hot wallets

Blockchain Featured Technology
August 3, 2022 by Kofi Ahmed
111
A hack on the Solana blockchain entered a second day on Wednesday, with no firm consensus on the source of the exploit or how it might be stopped.
Photo by Mariia Shalabaieva on Unsplash

QUICK TAKE

  • As of 5 a.m. UTC on Wednesday, Solana said 7,767 wallets have been hit by hackers.
  • Solana Labs CEO Anatoly Yakovenko said it looked like a “supply chain attack” on iOS-based wallets.

As of 5 a.m. UTC on Wednesday, the Layer 1 network said 7,767 wallets had been affected. A report from security firm Anchain estimated that more than $5 million in assets had been taken. 

While it’s not yet confirmed what may be responsible for the exploit, Solana Labs co-founder and CEO Anatoly Yakovenko said on Twitter the incident is likely a “supply chain attack” on wallets using Apple’s iOS operating system.

Supply chain attacks happen when a hacker enters and modifies software by injecting their malicious code in a system. The code inserts can be employed to deliver a malicious payload or backdoor malware. In Solana’s case, it’s possible that a hacker attacked its iOS wallet libraries to extract private keys, based on the team’s analysis.

Yakovenko came to his conclusion based the fact that exploited wallets didn’t have prior interactions with dApps and had remained inactive for some time. This indicates that hackers may have extracted private keys from Solana’s hot wallets not with the usual phishing attacks carried out with malicious links.

Gaining access to private keys means the hackers had the ability to transfer out funds from hot wallets, including Phantom and Slope wallet services.

Hot wallets are considered less secure than cold wallets as they stay connected to the internet. Cold wallets, meanwhile, store private keys within an offline hardware layer.

While more than 7,000 Solana wallets have been hit in this hack, that’s a tiny fraction of the total. There were about 25 million active addresses on the network in July, according to data compiled by The Block. 

The Solana team previously stated that it had been working with engineers and several security firms to put its fingers on a definite vulnerability responsible for the incident. It also opened a survey to collect details on the 7,767 exploited wallets as it continues to look for further clues.

The latest wallet exploit is one among a series of issues plaguing the Solana blockchain. Despite being a widely-used Layer 1, Solana has suffered regular outages due to block congestion.

Source: TheBlock

New to Crypto? Let’s help you get a wallet on a safe market exchange.

Leave a Reply