A wind of panic blows on the Solana network since about 2 a.m. French time. It was around this time that what looks like a massive and coordinated attack was launched, targeting thousands of wallets and emptying them of their contents. While the circumstances of this hack remain unclear, we encourage you to take a few precautionary steps now to keep your assets safe.
Hack in progress on Solana
At the time of writing, this attack, unprecedented in its scale, is still in progress and concerns more than 8,000 wallets (crypto wallets) for a diverted amount of more than 6 million dollars in SOL cryptocurrencies and other tokens of this blockchain. Solana is one of the most important projects in terms of activities and valuation.
Many teams are on the bridge, well beyond the Solana community alone, following the unfolding of events hour by hour. For the moment, the investigations remain inconclusive, even if the attack comes from 4 identified addresses.
>> Make the choice of security: Register on PrimeXBT (commercial link) <<
What to do with Solana’s hack?
In fact, the attack is materialized by a siphoning of user wallets. This hack seems to mainly target wallets phantom and slope. If potential vulnerabilities of these wallets were initially mentioned, the Phantom team however indicated on its official channel that in the state of their investigations, no fault had yet been detected.
A vulnerability on the side of the ecosystem’s emblematic platforms such as Solsea or Magic Eden was also considered. This second hypothesis has not yet been confirmed.
But, even if at the time of writing many gray areas remain, it is not useless if you yourself are users of the Solana network, to apply the following few safety tips.
Precaution 1: repatriate your funds to cold storage
After checking that your wallet has not been affected by the hack, a transfer of your funds to cold storage might turn out to be a good idea. Indeed, elements that date back to the present time, hacking does not seem to concern cold storage (hardware wallet). So if you have a key ledger, NGrave Where Trezor, take a few minutes to repatriate your assets.
Precaution 2: Terminate access permissions to your wallets
Think of terminate all access permissions to your browser wallet. These last often remain open after an NFT mint or an interaction with a smart contract. These are perfect paths to access your funds. You will find the tool allowing the lifting of these authorizations in the parameters of your wallet.
Precaution 3: transfer your funds to a centralized trusted platform
If you don’t have a cold wallet, a workaround could be to transfer your tokens to a centralized platform (CEX) as Binance Where FTX. Even if purists will find fault with it, delegating the custody and security of your assets to a reputable player for a time will allow you to wait more calmly for the storm to pass.
Precaution 4: be careful on social networks
Crooks of all kinds know it perfectly well: moments of stress and worry make their prey more vulnerable. And, if you escape the main hack, make sure you don’t fall into the nets of those who will try to impersonate a customer service, or a consulting company, to access your funds, thanks to the ambient stress. . Excluding networks and official sites, don’t take their word for it, especially on social media and never entrust strategic information to anyone, such as a private key or a password, for example.
Illustration below, with an account attempting to retrieve the mnemonic passphrase from the less suspicious, pretending to be Phantom customer service
Le Journal du Coin will keep you informed of developments in the situation throughout the day. In the meantime, be careful and don’t make emotional decisions.
>> A safe platform to buy your cryptos? Register on PrimeXBT (commercial link) <<