Solana Labs responds to wallet exploit, says there's no evidence network is to blame

Quick Take

  • About 5,000 wallets appear to be affected in an ongoing exploit on the Solana network.
  • A spokesman for Solana Labs told The Block that the project has “no evidence” that the project is at fault for the breach.

UPDATE (12 a.m. EST): A spokesperson for Solana Labs said that ongoing investigations into the breach currently indicate that there is "no evidence" that Solana's network is at fault for the exploit.

"Engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on Solana. There is no evidence hardware wallets are impacted," Austin Federa—a spokesman for the project—said in a statement.

In a tweet, he noted: "Much remains unknown at this point - except that hardware wallets are not impacted. There's also widespread reports of ETH wallets being compromised, but it's not clear if that is related or a separate issue."

An attacker appears to be draining SOL and SPL tokens in an apparent exploit on the Solana network. 

Solana auditor OtterSec tweeted this evening that more than 5000 Solana wallets have been drained in the past few hours, corroborating numerous reports from people on Twitter claiming their balances have disappeared. OtterSec's analysis showed the transactions were signed by the owners, which the auditor said suggested a private key compromise. The exploit may also affect ETH users. 

Wallets that have been inactive for more than six months appear to be those hardest hit, according to reports on Twitter. Users of Phantom and Slope wallets say they have lost funds. 

"We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem," tweeted Phantom. "At this time, the team does not believe this is a Phantom-specific issue."

At time of publication, it is unclear where the exploit originated. Non-fungible token marketplace Magic Eden recommended users to revoke permissions for any suspicious links within Phantom wallets in a tweet to users. Gaming firm Star Atlas issued a community warning to users, saying a large scale exploit of Solana is in progress and advising users to revoke permissions for all apps in their wallets and move funds to cold storage. 

This story and its headline have been updated to include new information from Solana Labs and will be updated as further information is presented. 

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.