Solanas smarte kontraktprojekt lider igen af problemer, efter at det blev opdaget så tæt på 8,000 Solana-baserede tegnebøger er blevet kompromitteret. Solana is asking victimized wallet owners to complete a survey and the team stressed that “engineers are investigating the root cause.”
Solana Investigates Massive Wallet Exploit, Root Cause of the Hack Is Still Unknown
After the chain had halted on a few occasions in the past, Solana users are now dealing with an extensive wallet vulnerability that affected specific wallet software such as Phantom and Slope. Solana developers and victims discovered the exploit on Tuesday evening (ER) and the hacker’s method of attack is currently unknown.
The blockchain security firm Peckshield bemærket that it’s possible the exploit stemmed from a supply chain attack. Solana Labs co-founder and CEO Anatoly Yakovenko also stated that the exploit likely derived from a supply chain attack.
“Seems like an iOS supply chain attack. Multiple plausible wallets that only received sol and had no interactions beyond receiving have been affected,” Yakovenko skrev. “Android seems to be affected as well. All the confirmed stories so far have had the key imported or generated on mobile. Most of the reports are Slope, but a few Phantom users as well,” the Solana Labs CEO tilføjet.
Solana is suffering an exploit, which has drained millions from multiple wallets.
Cause of SOL exploit is still unknown. pic.twitter.com/uvoUO8yNlO
— Hector Lopez (@hlopez_) august 3, 2022
Kategori, the amount of stolen funds from the hack is also unknown, as the security firm Anchain estimated the hack to be around $5 million, and Peckshield’s estimate was around $8 million. Det Solana status Twitter account explained what the Solana team had discovered so far.
“Engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on Solana. There is no evidence hardware wallets are impacted,” the team sagde.
The Solana team also left a undersøgelse for victims that asks a number of specific questions like what address was affected by the exploit and what type of wallet the user leveraged. Victims need to detail exactly when they downloaded the wallet and if the wallet was an iOS version, Android version, or Windows, Mac, or browser version.
One question asks victims if they generated a seed phrase from within the compromised wallet and the survey wants to know where and when the seed phrase was created. The seed phrase question is “required,” according to the Solana hack survey hosted on the Solana Foundation’s website.
Solana’s recent wallet exploit follows the blockchain’s issues with block production in september 2021 og juni 2022. Between those two dates, Solana’s network had to stop block production a total of eight times.
The exploit this week has damaged solana’s (SOL) market gains and out of the top ten crypto assets, SOL is the only token down in value against the U.S. dollar onsdag. SOL is now in the ninth position as well, when it used to be a top-five contender in the crypto economy a few months ago.
“It is not yet clear at this time whether the attackers exploited a vulnerability in the Phantom wallet or some other hidden weakness in the broader Solana ecosystem,” Mikkel Mørch, the executive director at the digital asset investment fund ARK36 told Bitcoin-Tidings.com News on Wednesday. “But the hack will definitely cast a shadow over Solana’s credibility as a better alternative to Ethereum – especially when it comes to security. It may even give Ethereum some additional boost from the narrative perspective as the safest and most reliable defi ecosystem,” Mørch added.
What do you think about the recent Solana exploit and how it affected close to 8,000 SOL-based wallets? af den digitale valutaøkonomi med.
Billedkreditter: Shutterstock, Pixabay, Wiki Commons
Ansvarsfraskrivelse: Denne artikel er kun til informationsformål. Det er ikke et direkte tilbud eller opfordring til et tilbud om at købe eller sælge, eller en anbefaling eller godkendelse af produkter, tjenester, eller virksomheder. Bitcoin-Tidings.com giver ikke investeringer, skat, gyldige, eller regnskabsrådgivning. Hverken virksomheden eller forfatteren er ansvarlig, direkte eller indirekte, for enhver skade eller tab forårsaget eller påstået at være forårsaget af eller i forbindelse med brugen af eller tilliden til noget indhold, varer eller tjenesteydelser nævnt i denne artikel.