Solana Labs responds to wallet exploit, says there's no evidence network is to blame

Quick Take

  • About 5,000 wallets appear to be affected in an ongoing exploit on the Solana network.
  • A spokesman for Solana Labs told The Block that the project has “no evidence” that the project is at fault for the breach.

UPDATE (12 a.m. EST): A spokesperson for Solana Labs said that ongoing investigations into the breach currently indicate that there is "no evidence" that Solana's network is at fault for the exploit.

"Engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on Solana. There is no evidence hardware wallets are impacted," Austin Federa—a spokesman for the project—said in a statement.

In a tweet, he noted: "Much remains unknown at this point - except that hardware wallets are not impacted. There's also widespread reports of ETH wallets being compromised, but it's not clear if that is related or a separate issue."


An attacker appears to be draining SOL and SPL tokens in an apparent exploit on the Solana network. 

Solana auditor OtterSec tweeted this evening that more than 5000 Solana wallets have been drained in the past few hours, corroborating numerous reports from people on Twitter claiming their balances have disappeared. OtterSec's analysis showed the transactions were signed by the owners, which the auditor said suggested a private key compromise. The exploit may also affect ETH users. 

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

Wallets that have been inactive for more than six months appear to be those hardest hit, according to reports on Twitter. Users of Phantom and Slope wallets say they have lost funds. 

"We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem," tweeted Phantom. "At this time, the team does not believe this is a Phantom-specific issue."

At time of publication, it is unclear where the exploit originated. Non-fungible token marketplace Magic Eden recommended users to revoke permissions for any suspicious links within Phantom wallets in a tweet to users. Gaming firm Star Atlas issued a community warning to users, saying a large scale exploit of Solana is in progress and advising users to revoke permissions for all apps in their wallets and move funds to cold storage. 

This story and its headline have been updated to include new information from Solana Labs and will be updated as further information is presented. 


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Authors

Aislinn Keely is a reporter on The Block's policy team holding down the legal beat. She covers court decisions, bankruptcies, regulatory actions and other key moments in the legal sphere, putting them in context for the wider crypto industry. Before The Block, she lent her voice to the NPR affiliate WFUV and helmed Fordham University's student newspaper. Send tips or thoughts on all things policy and legal to [email protected] or follow her on Twitter for updates @AislinnKeely.
Frank Chaparro is Host of The Scoop podcast and Director of Special Projects. He also writes a biweekly newsletter. Chaparro started his career at Business Insider, where he specialized in the intersection of digital assets and Wall Street, market structure, and financial technology. Soon after joining Business Insider out of Fordham University, Chaparro was interviewing top finance and tech executives, including billionaire Mark Cuban, “Flash Boys” star Brad Katsuyama, Cboe Global Markets CEO Ed Tilly, and New York Stock Exchange President Tom Farley. In 2018, he become a sought after reporter in the crypto world, interviewing luminaries such as Tyler Winklevoss, the cofounder of Gemini, Jeremy Allaire, the CEO of Circle, and Fundstrat head Tom Lee. For inquiries or tips, email [email protected].