Solana Wallets Directly Affected: 8K Addresses with Stolen Assets

• Between 5K and 8K affected wallets were affected based on preliminary reports.
• SOL remained above $39, no network outage.
• Solana NFT minting peaked in June and July.

A new Solana exploit is making the rounds, and may be related to Web3 ownership. The Solana network itself is running and has not gone through another outage. 

The exploit may be related to a wallet’s function for automated approval. This has allowed exploiters to target wallets previously used for NFT mints or other purchases. In the past, Solana wallets have been targeted through malicious links that called to empty out any NFT and tokens. 

https://twitter.com/Cosmos\_Tic/status/1554701007099252736

Currently, Solana users may be at risk, making the hack especially salient. The Solana ecosystem grew in 2022, adding more NFT and games. Messari reported significant growth and a trend for more collections to use Solana in the past seven months. 

Daily new NFTs dramatically increased to over 7MM newly minted NFTs, representing 46.4% growth on @solana.

For perspective, newly minted NFTs over the first six months of 2022 are twice the amount minted during all of 2021. pic.twitter.com/pwUsSRCTbz

— Messari (@MessariCrypto) August 2, 2022

It was precisely this boom in NFT usage that left some of the wallets vulnerable. After interacting with minting smart contracts, the wallets had an option to automatically allow the transfer of funds. The hack may be affecting older wallets which have participated in mints in the past. Solana also had a more significant boost in new wallets in the second quarter of 2022. 

https://twitter.com/CoinMarketCap/status/1549322636429520898

Move Funds to New Wallets to Protect Tokens, NFT

There is still no detailed report on which NFT have been affected or if the hack targeted those items. NFT are harder to resell compared to fungible tokens, which can be dumped on crypto exchanges. 

#PeckShieldAlert The widespread hack on Solana wallets is likely due to the supply chain issue exploited to steal/uncover user private keys behind affects wallets. So far, the loss is estimated to be $8M, excluding one illiquid shitcoin (only has 30 holds & maybe misvalued $570M) pic.twitter.com/aTGNsTc6d8

— PeckShieldAlert (@PeckShieldAlert) August 3, 2022

Despite the hack, the SOL market price remained relatively stable, sliding only about 2.5% in the past day, to a net level of $39.51. SOL has remained at this level for weeks, still unable to rally to a higher valuation. This, however, has not prevented new users from joining in, even getting a benefit from the lowered price.

Solana wallets remain reliable, as are most crypto asset wallets that are made not to reveal private keys. The current exploit, however, uses the interaction where wallets have pre-approval to unlock their contents for the purposes of interacting with a smart contract. The best approach is to use more than one wallet and move most assets into cold storage in a new wallet or a hardware device.