Author: Catherine Welsch
August 5, 2022

News about the Solana hack spread across crypto space like wildfire but was the panic substantial? Short answer: not really, and the long answer you will find in our no-FUD explainer to the Solana incident.

solana hack explained

On Wednesday, news about Solana being hacked spread out and caused fear, uncertainty and doubt on the market. After the dust had settled, it turned out to be not as bad as the panic made it out to be. What exactly happened? Should you worry and do something with your funds? Read our guide to find out.

Was Solana Hacked? The Timeline of Events and Explanation

On Tuesday night, August 2, owners of addresses on the Solana blockchain started reporting their funds being drained. The total amount of lost funds from what would amount to over 8 thousand addresses would later amount up to $5.3 million USD. However, this is not the biggest concern with this case: at the time when it all started, it seemed like an indiscriminate attack because no reason or pattern could immediately be discerned. Meanwhile, more and more millions of dollars of worth in SOL and USDC were being drained by every following minute.

Thanks to the blockchain data being completely public, the actual impact of the hack could be seen in real time. User Tristan0x built a custom Dune Analytics dashboard to follow the events, and SolScan has one, too.

The seeming chaos is why claims that Solana itself was hacked started being passed around. This is somewhat understandable, considering this was probably the largest drain attack in crypto to date, affecting thousands of addresses. The drained funds were directed to four Solana addresses, linked to a single address by blockchain analysis later.

In addition to that, as time went by, the hacked addresses started to be gradually linked back to wallet providers — Phantom, TrustWallet and Slope. Unfortunately, alternative theories were put forward at the same time — browser extension or GitHub repository exploits— mudding the waters.

The Solana Foundation could not stand by, and the findings were in large part thanks to the survey the Foundation set up posthaste. After all, at that time the possibility of global Solana hack was not ruled out just yet.

The Reason — Third-Party App

Finally, the signal was filtered from the noise thanks to the inputs from the community and chain forensics. All these transactions bore similarity in that they looked like proper signed transactions — which pointed at private keys being compromised. In other words, the good news was that Solana itself was not affected.

A few more hours later after connecting all the dots, a code review of Slope wallets showed a gross security mistake: the wallet’s API leaked users’ private keys unencrypted as plaintext.

The Timeline of Events

Timeline of Slope hack in Solana

Do I Have to Worry? Are My Funds Safe?

Let us paraphrase: only the users of Slope and Fantom were affected. There is no denying that there was a hacker attack with wallet users as victims who lost millions of dollars worth. However, other Solana users are in no immediate danger of loss of funds.

When things started to go down, advice to transfer assets to cold wallets started being thrown around. Ultimately, this was the right thing to do — there is no way to compromise a wallet with private keys that were never exposed. Remember: not your keys, not your coins! (If it was a blockchain exploit like initially suspected, though, things would not be this easy to solve).

So, if you are a Solana holder, should you do anything? Do not panic: there is no immediate threat as of now. It’s still advisable to eliminate risks you don’t want to take:

  • Use a hardware or cold wallet. Protip: a device cut off from Internet connection can double as one;
  • Avoid unaudited or generally shady protocols and products. Not a 100% sound measure but if you see the signs, think twice;
  • Pay attention to permissions you give to apps. Also applicable as general advice;
  • Diversify and do not invest more than you can stomach to lose. This applies to Solana, to Bitcoin, and even stocks.

Bottom Line

The fears of Solana being hacked turned out to be overblown but the threat felt almost tangible for a few hours. While yet again highlighting the need to follow the basic advice for crypto security, this event did not turn into the catastrophe people feared, though it undermined confidence in Solana and crypto. 

You can find more articles about Solana in our blog or useful posts in our Twitter, subreddit, Facebook and Telegram. Check them out and subscribe!

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Tags

reasons to use tron network banner

For Partners

Five Reasons To Use TRON Network

In this article made jointly by the ChangeHero and SwapSpace teams, we list and explore five arguments in favor of using TRON Network, from low transactional costs to the bustling ecosystem.

Author: Catherine Welsch

218
0
August 11, 2022
Read more
solana hack explained

Top Stories

What Happened to Solana? Hack or FUD?

News about the Solana hack spread across crypto space like wildfire but was the panic substantial? Short answer: not really, and the long answer you will find in our no-FUD explainer to the Solana incident.

Author: Catherine Welsch

293
0
August 5, 2022
Read more
start in crypto with conor kenny

Top Stories

How to Start in Crypto? Interview with Conor Kenny

Conor Kenny is a UK-based influencer on “the adventure of business”, as he put it himself. The ChangeHero team talked to him about joining the crypto revolution as painlessly as possible.

Author: changehero

337
0
July 28, 2022
Read more
best coins in q2 2022

Top Stories

Top 10 Cryptocurrencies in Q2 2022

To nobody’s surprise, the quarter that saw crypto market plummet down, had no winners in the top-100. In these conditions, better performance sometimes means losing less. Without further ado, let’s review the top cryptocurrencies in Q2 2022 by performance.

Author: changehero

487
0
July 14, 2022
Read more
celsius network news june 24

Top Stories

Celsius Network News and Updates by June 24

Good news: a crisis in one of the largest crypto lenders Celsius Network did not pull crypto markets under. One week later, as the access to customer funds is still limited, we return to see how the situation at the crypto lending platform develops.

Author: Catherine Welsch

507
0
June 24, 2022
Read more
what happened to celsius network

Top Stories

What Happened to Celsius Network?

On June 13, crypto lender Celsius Network halted withdrawals and account transfers. Why did it happen and will it affect the crypto market?

Author: Catherine Welsch

663
0
June 17, 2022
Read more