Solana ecosystem users are seemingly being targeted in a new exploit that has so far drained over 8,000 wallets from users of different platforms including Phantom, Slope, and TrustWallet.
The attack is still ongoing and has seen users’ funds siphoned to an external wallet,amassing over $5 million in SOL, SPL, and other Solana-based tokens. The exact cause of the attack remains unclear, although it appears to have predominantly affected mobile wallet users.
The attack may have somehow obtained the ability to sign – initiate or approve – transactions on behalf of users, which could mean a third-party service these wallets interacted with has been compromised.
A representative for Phantom, the largest Solana hot wallet, said the organization is “evaluating the incident impacting Solana wallets and are working closely with other teams in the ecosystem to get to the bottom of this.”
To protect themselves, users are being advised to revoke any permissions they may have given with their wallets. On Phantom, users need to move to “Settings,” then “Trusted Apps” to do this.
Some users have reported losing funds on both the Solana and Ethereum blockchains.