Users of Solana are reporting vanished funds from their 'hot' wallets, CoinDesk reports. More than 8,000 wallets have been hit and the still ongoing attack. At least $5 million worth of SOL, SPL, and other Solana-based tokens were allocated in the addresses linked to the attack.
The cause for these attacks is unknown, but the attacker was able to sign transactions as the users, which suggests that there could have been an attack on one of Solana’s trusted third-party services.
A hot wallet is a wallet that stays connected to the internet all of the time so as to be convenient for the user, and these attacks may reignite a debate about the safety of these hot wallets. Cold wallets are more secure but need to be plugged in, like a USB, for example.
A representative of Phantom, the largest Solana hot wallet, stated:
"We are evaluating the incident impacting Solana wallets and are working closely with other teams in the ecosystem to get to the bottom of this. We will issue an update once we gather more information [...] The team doesn't believe this is a Phantom-specific issue at this time."
Solana was hit hard but the users were hit harder. Their wallets were depleted and still are. The users are currently advised to stay vigilant and try to safeguard their assets.