Affected Wallets
A number of hot wallets that support the Solana ecosystem, such as Phantom, Slope Wallet, and Trustwallet, were attacked by hackers on the morning of 3/8, with up to 8,000 users having their wallet assets transferred to the following four addresses.
Phantom Official Response
We are working closely with other teams to identify the Solana ecological vulnerability and at this time the team does not believe it is a Phantom issue. As soon as we have more information, we'll update everyone!。
Solana RPC nodes are currently out of service requests.This may be due to loading or intentional. However, this does not affect the bottom layer of the chain becomes its repugnant to attack more and more layers of the chain, and the The Solana chain is still up and running.The user's wallet or block browser may not be able to load it at the moment.
The attack wasn't on the Solana chain itself, but rather the hackers were able to get access to the private keys to users' wallets and sign transactions to transfer their assets out. While teams are still searching for the source, a number of engineers and analysts on Twitter have pointed out that it could have been someone else.
Some users mayThe Phantom wallet helper was deposited into the Trust Wallet and hackers used the private key to find the hot wallet's accountThis has led to the transfer of ETH from users of this cross-chain wallet software, even though it is an ethereum chain.
Technically, as long as the same mnemonic protocol is used for all types of hot wallets, users can easily import mnemonics from one hot wallet software to another, thus accessing the same linked account.
Unaffected users can now prevent their wallets from being hacked in the following ways.
Transfer the assets of Solana Ecology related wallets to a centralized exchange for short-term storage.
Transfer assets to other new wallets, asset types include as well as cryptocurrencies.
Ensure Wallet has revoked all permissions and transferred assets to Cold Wallet.