ADVERTISEMENT

Crypto Takes A New Hit As Thousands Of Solana Wallets Hacked

Hackers targeted the Solana ecosystem early Wednesday with thousands of wallets affected in the latest hit to the crypto market.

<div class="paragraphs"><p>Solana signage at the NFT LA conference in Los Angeles, California, U.S., on Thursday, March 31, 2022. NFT LA is an integrated conference experience fused with immersive Metaverse integrations. (Photographer: Bing Guan/Bloomberg)</p></div>
Solana signage at the NFT LA conference in Los Angeles, California, U.S., on Thursday, March 31, 2022. NFT LA is an integrated conference experience fused with immersive Metaverse integrations. (Photographer: Bing Guan/Bloomberg)

Hackers targeted the Solana ecosystem early Wednesday with thousands of wallets affected in the latest hit to the cryptocurrency market after bridge protocol Nomad was attacked at the start of the week.

Estimates of the damage vary. Just over $5.2 million in cryptoassets have been stolen so far from more than 7,900 Solana wallets, according to blockchain forensics firm Elliptic. Security company PeckShield said four Solana wallet addresses drained approximately $8 million from victims.

“The root cause is still not clear,” Elliptic’s co-founder Tom Robinson said. “It appears to be due to a flaw in certain wallet software, rather than in the Solana blockchain itself.” 

The attack sent Solana’s SOL token down as much as 7.3% to $38.40 in early trading on Wednesday, its lowest in a week. Bitcoin was up 1.5% at $23,367.

Crypto projects are proving a rich vein for hackers and the industry has suffered numerous attacks this year. Solana’s woes come days after Nomad -- a bridge protocol for transferring crypto tokens across different blockchains -- lost close to $200 million in a security exploit on Monday. More than $1 billion has already been stolen from bridges in 2022, according to a June report by Elliptic.

“Much remains unknown at this point -- except that hardware wallets are not impacted,” Solana spokesman Austin Federa said.  

While there’s speculation the incident was a supply-chain attack, the nature of the exploit remains unclear, Federa said. Supply-chain hacks occur when an outside party or provider with access to the victim’s systems and data is infiltrated. 

Solana, which has suffered network outages in the past, is a rival to the Ethereum blockchain. As transaction prices on Ethereum rose last year, chains like Solana, which tout their low transaction fees, emerged as alternatives for minting non-fungible tokens. The code underpinning Solana is also popular with clients looking to build their own decentralized-finance applications. 

Some NFTs were also stolen in the hack -- but the full impact of the exploit is still unclear, Elliptic’s Robinson said.

(Updates with estimates for amount stolen in second, third paragraphs)

More stories like this are available on bloomberg.com

©2022 Bloomberg L.P.