- Phantom wallet users complain that funds are being withdrawn without their consent
- Several commenters point to an exploit related to the wallet or NFT marketplace Magic Eden
Users of Solana digital wallets Phantom and Slope claim that millions have been stolen from unknown exploits involving the wallets or associated trusted apps.
according to several users and for market participants, exploitation on the Solana network or through local wallets drains users’ funds regardless of disconnection from web browsers or any transfers. Exact details of the operation are not yet known.
“We are working closely with other teams to get to the bottom of the vulnerability reported in the Solana ecosystem,” the Phantom team told Blockworks. “At this time, the team does not believe this is a Phantom-specific issue.” The exact amount of money stolen from users’ wallets is still unknown.
Users said they received notifications that they had sent tokens to unknown addresses. It is doubtful that the total amount of funds released so far is more than $6 million in SOL from more than 7,760 wallets. Blockworks could not immediately independently verify the total amount taken.
Users of a web-based cryptocurrency wallet slope they also provide information about operational incidents. The attacker allegedly made off with both SOL and Solana Software Library (SPL) tokens.
A user who goes by the handle @Paladin on Twitter told Blockworks that several people familiar with the situation had their wallets “randomly emptied.”
“They lost thousands, so they were very depressed,” they said. “Move the coins to the ledger and separate every trusted website.”
The paladin pointed out two big wallet addresses suspected of belonging to an exploiter with a total balance of approximately 37,777 SOL ($1.5 million USD). THE the third walletwith about 2,402 SOL ($95,000) continues to see a drain on the exploit, Paladin said.
The exploit affects all Solana-based tokens with recommendations to move coins to the ledger, cancel trusted applications such as NFT marketplace Magic Eden, or lock them via staking.
Hacks and exploits related to DeFi and NFTs continue to increase. Last month, Blockworks reported that the number of hacks exceeded the total 1.2 billion dollars Only the first quarter of this year seems to be increasing in frequency for the budding sector.
In an interview with Blockworks, Immunefi CEO Mitchell Amador told Blockworks that persistent hacking is “basically an intractable problem.” “We knew that things would go in this direction. Volatility is part of cryptocurrency, the amount of money coming in would increase.”
Update: Changes title and copy to reflect that Slope Wallet users are also affected by the exploit. Updating the Phantom team’s response.
Get the day’s best cryptocurrency news and insights delivered to your inbox every evening. Subscribe to Blockworks’ free newsletter Now.