Solana’s ecosystem is currently under attack with 7,767 wallets, mostly private keys, compromised.
The Solana team has gathered engineers from different ecosystems to find the root cause of the attack as the Solana community mourns over their hard-earned SOL & USDC losses.
According to Emin Gün Sirer, co-founder of Avalanche Labs, the hackers seem to have targeted the private key wallets of various users that have remained inactive for less than 6 months but also freshly made crypto wallets.
They are continuously draining out Solana token (SOL) and SPL token (USDC).
Sirer said the hackers might have gotten access to private keys, “One possible route is a "supply chain attack" where a JS library is hacked, and it exfiltrates (steals) users' private keys. Affected wallets seem to have been created in the last ~9 months, but there are reports of freshly created wallets also being affected.”
User @0xfoobar says both Phantom & Slope wallets are reportedly drained out completely of SOL and USDC. The user believes it’s an upstream dependency supply chain attack.
Solana Status updated its users that currently no hardware wallets have been drained although there is no evidence of this claim and advised, “Do not reuse your seed phrase on a hardware wallet - create a new seed phrase.”
As of now, over $5,000,000 worth of digital assets has been stolen in the Solana ecosystem hack.