Solana blockchain suffers widespread attack, with wallets drained


Solana is a public blockchain and crypto wallet that is used by a number of music-oriented web3 platforms, like Audius and Single Music amongst others, and the users of those platforms. This means that people engaging with those platforms, perhaps to buy an NFT, need to have a crypto wallet compatible with the Solana blockchain.

This week, thousands of Solana wallets have had their contents drained in a broad attack, and between $5 and $10 million worth of the platform’s SOL currency has been siphoned away so far. Solana’s value plunged as a result.   It seems like a fairly sneaky exploit, in that it is only affecting wallets that have laid unused for over six months, and thus affected owners may not have immediately noticed. It’s been hypothesised that users whose wallets that have been affected may have been using a compromised browser wallet plug-in, although this is not yet confirmed.

There’s no suggestion that the platforms named above or their users have been affected (although Audius was the subject of a $6m hack last week). But it’s another reminder that web3 is currently an exciting, but turbulent place. Crypto and web3 has a steep learning curve and most people that are feeling their way will do things – like installing browser extension wallets – primarily based on trust, and that knowledge gap is where exploits like this can happen. As we’ve noted a few times previously, everything in the crypto space is highly connected, and hacks – and accompanying drops in value – can have unexpected ripple effects on ordinary users. Be careful out there (and consider using a “cold” – i.e. offline – wallet.)

Written by: Joe Sparrow