According to NFT marketplace Magic Eden, a widespread Solana exploit is at play. They warned customers to remove access to any suspicious links in their Phantom wallets.
There was a security flaw in the Solana ecosystem. They allegedly stole millions of dollars from several Solana-based wallets.
Solana (SOL) is trending on Twitter as numerous users report on the hack as it happens or claims having lost assets themselves. It urges users of Solana-based hot wallets like Phantom and Slope to move their funds to cold wallets.
SOL and Play
It looks like a widespread SOL exploit at play. NFT marketplace Magic Eden said they warned users to remove access to any suspicious links in their Phantom wallets.
Reportedly, they stole millions of dollars from several Solana-based wallets due to a security flaw in the Solana ecosystem.
As of this writing, Solana (SOL) is trending on Twitter. Many users report on the hack as it happens or claims to have lost money in the attack. It urges others to move their Solana from hot wallets like Phantom and Slope to cold ones.
Wallet provider Phantom has noted that it is working with other teams to get to the bottom of the issue. At the same time, it does not “think this is a Phantom-specific issue” at this stage. Magic Eden has also remarked on the matter.
According to Magic Eden, there seems to be a widespread SOL exploit at play that’s depleting wallets around the ecosystem. It prompts the company to urge Phantom wallet owners to remove access from any suspicious connections.
Solana on Twitter World
The Twitter user @nftpeasant has been following the event. He attentively discovered the use of Solscan, that around $6 million in Phantom wallet money were stolen in 10 minutes on August 2. $500,000 USDC was stolen from the account of one Phantom wallet user.
@zachxbt is a well-known scam detective who calls themselves an “on-chain sleuth.” They also investigated and revealed to their 274,800 followers that the hackers initially funded the primary wallet involved with this attack via Binance seven months ago.
The transaction history reveals that the wallet was inactive until today when the hackers used four other wallets to complete transactions ten minutes before the attack began.
At this point, it is unknown whether the hack is still active. Especially where it started, or whether additional customer monies are still at risk of being stolen. In contrast, the user @cryptojpeg pointed out in response to the post made by @zachxbt that there are only 13 txn, three of which are Solana deposit txn, and one of which is a drain txn. Suppose there is no connection to any other factor. In that case, we can deduce that one of these nine transactions made the wallet susceptible to being emptied.
