By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Security Parrot - Cyber Security News, Insights and ReviewsSecurity Parrot - Cyber Security News, Insights and Reviews
Notification
Latest News
Twilio was hacked: Credentials stolen from Twilio employees.
August 10, 2022
Chinese hackers attack defense companies and government agencies in Russia and Eastern Europe
August 10, 2022
US authorities imposed sanctions on the cryptocurrency mixer Tornado Cash
August 10, 2022
Microsoft: Windows devices on new CPUs can corrupt data
August 10, 2022
Microsoft will improve the security of Edge when working with less popular sites
August 10, 2022
Aa
  • News
  • Security Insider
  • Tutorials
Reading: Due to an unknown bug, funds were stolen from thousands of Solana wallets
Share
Security Parrot - Cyber Security News, Insights and ReviewsSecurity Parrot - Cyber Security News, Insights and Reviews
Aa
Search
  • News
  • Security Insider
  • Tutorials
Follow US
Security Parrot - Cyber Security News, Insights and Reviews > News > Due to an unknown bug, funds were stolen from thousands of Solana wallets
News

Due to an unknown bug, funds were stolen from thousands of Solana wallets

Last updated: 2022/08/05 at 10:18 PM
Security Parrot Editorial Team Published August 5, 2022
Share
SHARE

Users of the Solana platform suffered from an attack that emptied about 8,000 cryptocurrency wallets containing millions of dollars. Apparently, specific wallets turned out to be vulnerable to a certain bug, and not blockchain or Solana cryptography.

The attack that occurred on August 3, 2022 affected both Solana’s native cryptocurrency (SOL) and other tokens compatible with the Solana blockchain, such as the USD Coin (USDC) stablecoin. The exact value of the stolen assets has not yet been established, but reports from independent analysts and information security companies such as PeckShield say that the losses are estimated at about $8,000,000.

Solana’s official Twitter account reports that the attack emptied about 8,000 wallets. At the same time, the exact cause of the incident has not yet been established.

At first it became known that the attack was not related to the code, cryptography and Solana blockchain, but was associated with some kind of error in the software used by several popular wallets. This version was indicated by the fact that the transactions were signed by the rightful owners, that is, the matter most likely was in the compromise of the private key.

Various information security experts have suggested that hackers could have access to such a large number of private keys through a supply chain attack, through some kind of 0-day vulnerability in the browser, or through a malfunctioning random number generator used in the key generation process. Another possible explanation was the nonce reuse attack.

However, according to the latest Solana Twitter updates, the explanation for what happened is simpler: all the affected addresses were somehow connected (created, imported or used) with Slope mobile wallet applications. At the same time, Solana developers emphasize that the attack did not affect hardware wallets.

Although the investigation of what happened has not yet been completed, the main version of what happened is as follows: information about private keys was mistakenly transmitted to the application monitoring service.

The developers of Slope have already confirmed the fact of the compromise, but so far they have not reported any technical details of what happened, referring to the still pending investigation.

Security Parrot Editorial Team August 5, 2022
Share this Article
Facebook Twitter Email Copy Link Print
What do you think?
Love0
Happy0
Joy0
Surprise0
Embarrass0
Sad0
Cry0
Angry0
Dead0

You Might Also Like

News

Twilio was hacked: Credentials stolen from Twilio employees.

August 10, 2022
News

Chinese hackers attack defense companies and government agencies in Russia and Eastern Europe

August 10, 2022
News

US authorities imposed sanctions on the cryptocurrency mixer Tornado Cash

August 10, 2022
News

Microsoft: Windows devices on new CPUs can corrupt data

August 10, 2022

© 2022 Parrot Media Network. All Rights Reserved.

  • Home
  • About Us
  • Contribute
  • Privacy Policy
  • Terms and Conditions

Removed from reading list

Undo
Go to mobile version
Welcome Back!

Sign in to your account

Lost your password?