🧵Widespread Solana exploit draining wallets throughout the ecosystem 🚩🚩 \ stacker news ~bitcoin

🧵Widespread Solana exploit draining wallets throughout the ecosystem 🚩🚩nitter.it/MagicEden/status/1554620084831674370

559 sats \ 27 comments \ @cryptocoin 3 Aug 2022 bitcoin

30 sats \ 0 replies \ @cryptocoin OP 3 Aug 2022

The link for this post uses a read-only front-end for Twitter, which can be easier to read for viewing a full Twitter thread. The Tweet that kicked off the thread is:

🚨🚨🚨There seems to be a widespread SOL exploit at play that's draining wallets throughout the ecosystem

Here's what you can do right now to best protect yourself

Go to >Settings on your @phantom wallet

Trusted Apps

Revoke Permissions for any suspicious links

💜

https://twitter.com/MagicEden/status/1554620084831674370

46 sats \ 0 replies \ @vijo 3 Aug 2022

AnalOS

35 sats \ 1 reply \ @f6287b82CC84bcbd 3 Aug 2022

Not your keys not your coins 🤯...

oh wait a minute 🤣🤣🤣🤡

28 sats \ 0 replies \ @sandbeach123old 3 Aug 2022

Exactly

27 sats \ 0 replies \ @linesgone 3 Aug 2022

🤦🏼‍♂️🤦🏼‍♂️🤦🏼‍♂️

26 sats \ 0 replies \ @frostdragon 3 Aug 2022

Kudos to correct use of emoji in title 👍

26 sats \ 0 replies \ @lv99_slacker 3 Aug 2022

What could be said at this point? Absolute dumpster fire.

25 sats \ 0 replies \ @sandbeach123old 3 Aug 2022

What a disaster. You cannot safely hold that even with your own keys. And probably people will still use it. So much harm due to ignorance.

25 sats \ 0 replies \ @allark 3 Aug 2022

NOlana ;)

25 sats \ 0 replies \ @om 3 Aug 2022

Just press this button to confirm that you permit an updatable smart contract to perform any operations with all your assets: [🤡]

(not only on Solana, by the way)

25 sats \ 0 replies \ @TheBTCManual 3 Aug 2022

Lol this is the type of news I love waking up to a shitcoin self inflicted L is the best shitcoiner tears around

25 sats \ 1 reply \ @faithandcredit 3 Aug 2022

It seems that about $5M to $10M has been stolen. To put in this into context, NOMAD bridge was hacked the other day and $150M was gone.

source

Solana exchange rate is down 2% today at the time of writing

35 sats \ 0 replies \ @Coinosphere 3 Aug 2022

NOMAD bridge?

Oh, they mad alright...

25 sats \ 0 replies \ @sb 3 Aug 2022

The cope in the failing Discord servers must be unreal tonight 🤣🤡

25 sats \ 2 replies \ @derekross 3 Aug 2022

Solana is an absolute disaster that operates on something called "mainnet beta" Imagine putting your money into shitty beta software.

25 sats \ 1 reply \ @Ganjamon 3 Aug 2022

Da fuck? How can a blockchain be in beta but widely available for absolutely anyone to put money into?

25 sats \ 0 replies \ @derekross 3 Aug 2022

right? it's absolutely wild that exchanges list something that calls itself beta. shitcoin casino's do not care about their customers.

0 sats \ 9 replies \ @cryptocoin OP 3 Aug 2022

We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.

As soon as we gather more information, we will issue an update.

https://twitter.com/phantom/status/1554626111535026177 https://nitter.it/phantom/status/1554626111535026177 <-- Shows the thread in a single, easy-to-read, web page

0 sats \ 8 replies \ @cryptocoin OP 3 Aug 2022

1/2

Hmm Solana hack seems to:

-Not be via program(contract) -Have hit a few wallets, but not many major ones -Not just be Phantom

My best first guess would be some sort of shared library had a malicious update that is letting the tx sign once a wallet is unlocked.

https://twitter.com/adamscochran/status/1554628443878350851 https://nitter.it/adamscochran/status/1554628443878350851 <-- Shows the thread in a single, easy-to-read, web page

0 sats \ 7 replies \ @cryptocoin OP 3 Aug 2022

I can’t believe I’m sending my fund from a “non-custodial” wallet to my exchange account just to protect it. Good job #Solana 🤦🏻🤦🏻🤦🏻

https://twitter.com/CyanOnChain/status/1554641593927286784 https://nitter.it/CyanOnChain/status/1554641593927286784

0 sats \ 6 replies \ @cryptocoin OP 3 Aug 2022

There's also been evidence of this issue affecting ETH users, although it seems less widespread.

https://twitter.com/JustinBarlow/status/1554623496897957888

https://twitter.com/osec_io/status/1554638382898495488 https://nitter.it/osec_io/status/1554638382898495488

0 sats \ 5 replies \ @cryptocoin OP 3 Aug 2022

There's an ongoing attack targeting the Solana ecosystem right now. 7000+ wallets affected, and rising at 20/min. Because it's very early and the attack is ongoing, there's a lot of misinformation and speculation. So here are a few thoughts and clarifications.

https://twitter.com/el33th4xor/status/1554656344036126720 https://nitter.it/el33th4xor/status/1554656344036126720

0 sats \ 4 replies \ @cryptocoin OP 3 Aug 2022

So far more than 8000 wallets and ~$580M were stolen by the following 4 addresses.

[...]

https://twitter.com/MistTrack_io/status/1554656463603531776 https://nitter.it/MistTrack_io/status/1554656463603531776

0 sats \ 3 replies \ @cryptocoin OP 3 Aug 2022

This Tweet kicks off a thread where he tries to narrow it down to two reasons:

So this wallets being drained are all closed source software.

Classic.

https://twitter.com/nvcoelho/status/1554737291838590976 https://nitter.it/nvcoelho/status/1554737291838590976

0 sats \ 2 replies \ @cryptocoin OP 3 Aug 2022

This Tweet kicks off a thread with a summary so-far:

Seeing a lot of speculation on the hack still. After helping coordinate a SOL Security room for the last 12+ hours and speaking to multiple wallet peoviders, here are some things for the public to keep in mind. Core to everything: we do not have a clear explanation yet. Now, a 🧵

https://twitter.com/HelpedHope/status/1554812859737165824 https://nitter.net/HelpedHope/status/1554812859737165824

view replies