- Phantom Wallet users complain that funds are being drained without their consent
- Several commentators point to an exploit relating to the NFT Magic Eden wallet or market
Users of the Solana Phantom and Slope digital wallets claim millions were stolen from an unknown exploit linked to the wallets or associated trusted apps.
According multiple users and market participants, the exploit on the Solana network or through native wallets drains user funds despite disconnecting web browsers or performing transfers. The exact details of the exploit are not yet known.
“We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem,” the Phantom team told Blockworks. “At this time, the team does not believe this is a Phantom-specific issue.” The exact amount stolen from users’ wallets is not yet known.
Users reported receiving notifications that they were sending tokens to an unknown set of addresses. The total amount of funds drained so far is believed to total over $6 million in SOL from over 7,760 wallets. Blockworks was unable to immediately independently verify the total amount withdrawn.
Web-Based Cryptocurrency Wallet Users Slope also report incidents of an exploit. It is claimed that the attacker got away with SOL and Solana Program Library (SPL) tokens.
One user, going by the handle @Paladin on Twitter, told Blockworks that several people familiar with the situation had had their wallets “randomly emptied”.
“They’ve lost thousands of people and most of their money, so they’re pretty depressed,” they said. “Move the coins to a ledger and disconnect all trusted websites.”
Paladin pointed out of them big wallet addresses believed to belong to the exploiter, who have a combined balance of approximately 37,777 SOL (US$1.5 million). A third walletwith around 2,402 SOL ($95,000) continues to see funds drained to its address as a result of the exploit, Paladin said.
The exploit appears to impact all Solana-based tokens with recommendations to move coins to a ledger, revoke trusted apps like the Magic Eden NFT marketplace, or lock them through staking.
Hacks and exploits related to DeFi and NFTs continue to increase. Last month, Blockworks reported that hacks totaled more than $1.2 billion for the first quarter of this year alone in what appears to be an increase in frequency for the fledgling industry.
The ongoing hacks “are basically an unsolvable problem,” Immunefi CEO Mitchell Amador told Blockworks in an interview at the time. “We knew things were going to go this way. Volatility is part of crypto, the amount of money coming in was going to increase.
Update: Title and text changes to reflect Slope Wallet users also affected by the exploit. Updates Phantom Team’s answer.
Get the day’s top crypto news and insights delivered to your inbox each evening. Subscribe to the free Blockworks newsletter now.