Solana wallet provider Phantom says its systems were uncompromised in $4 million hack

Quick Take

  • Phantom said security auditors did not find any vulnerabilities in its systems in relation to the wallet exploit.
  • It was initially believed that Solana libraries linked to Phantom, Slope and other wallet apps suffered a “supply chain attack.”

Web3 wallet firm Phantom clarified late on Tuesday that its systems were not compromised prior to a wallet exploit, in which hackers have so far drained $4.08 million from 9,230 wallets.

On Tuesday, Phantom said, after nearly a week-long investigation, security auditors have not uncovered any vulnerabilities that could potentially tie it to the exploit.

“After almost a week of investigation, our team has not found any evidence that Phantom's systems were compromised during the August 2nd security incident,” the wallet provider said in a tweet.

Initially, it was believed that Solana wallet libraries linked to Phantom, Slope, and other wallet apps may have suffered a “supply chain attack” on the iOS mobile platform.

Later on, Solana developers traced the entire incident back solely to the Slope wallet application. The Solana team claimed all hacked addresses were at one point created, imported, or used in the Slope application.