Solana Exploit: Auditing Firm Claims Ethereum (ETH) Users Also Compromised

Solana auditing firm OtterSec in a tweet claimed the Solana (SOL) hack is also affecting Ethereum (ETH) users, although it is less widespread. Until now over 8000 wallets have been compromised. OtterSec said attackers used actual keys for signing transactions, which means private keys on Phantom, Slope, Solflare, and TrustWallet are compromised.

OtterSec Claims Ethereum (ETH) Users Also Affected by Solana Hack

Solana auditing firm OtterSec in a tweet on August 3 said they are tracking the Solana hack. According to a Dune dashboard, over 8000 Solana wallets are now compromised. Moreover, there are incidences of the Solana wallet issue affecting ETH users. However, the ETH users are not widely affected.

The Solana hack affects multiple wallets including Phantom, Slope, Solflare, and TrustWallet. Users are requested to move assets to cold wallets or centralized exchanges.

OtterSec cited an Ethereum user who reported his ERC-20 and USDC-SPL tokens held on both Slope and TrustWallet were drained. Also, the wallets were inactive for 4o days.

PeckShieldAlert also confirmed that a user’s TrustWallet and Slope wallets were compromised on both Solana and Ethereum before the Solana wallets were drained. The attackers transferred nearly $80 million worth of ERC-20 tokens to his Ethereum address.

Moreover, the auditing firm revealed that transactions have been signed by actual owners, which means the private keys were compromised. Solana Labs and Phantom assert their networks are working fine and don’t believe the issue is related to the Solana network or Phantom wallet.

Meanwhile, Solana in the latest tweet confirmed that there is no evidence of hardware wallets being compromised.  Engineers, multiple security researchers, and ecosystem teams are working to identify the root cause of the exploit and track drained wallets on Solana.

“There’s no evidence hardware wallets have been impacted – and users are strongly encouraged to use hardware wallets. Do not reuse your seed phrase on a hardware wallet – create a new seed phrase. Wallets drained should be treated as compromised, and abandoned.”

Solana urges affected users to fill out the “Compromised Wallet Data Collection” form to help engineers look into the issue and find the root cause.

Validator Launches DDOS Attack on Solana

According to Solana validator discord, Jito validator launched a DDOS attack on the Solana RPC nodes to slow down the SOL removal rate from 1000 per minute to 1 per minute.

However, Twitterati questions the DDOS attack on the Solana network. Many claims the attack will continue after the network is up again.

Meanwhile, Solana Labs’ co-founder Anatoly Yakovenko has confirmed the iOS supply chain attack.