Solana falls foul of crypto heist, losing millions

Updated on: 03 August 2022

Damien Black
Senior Journalist

Solana physical coins — Image by Shutterstock

More than 8,000 wallets containing the Solana cryptocurrency have been hacked to the tune of millions of dollars in losses, and that number continues to rise at time of writing, according to social media reports.

“Multiple Solana addresses have succumbed to a widespread attack, as private keys to several wallets have been compromised,” said cryptocurrency watchdog watcher.guru, posting a link to its findings on Twitter.

“Users are claiming that their wallet funds have been removed without their involvement, and at press time more than $7 million worth of SOL, SPL, and other tokens have been siphoned out,” it added.

Peckshield Alert puts the losses somewhat higher at $8 million, adding: “The widespread hack on Solana wallets is likely due to the supply chain issue exploited to steal/uncover user private keys behind wallets.”

twitter

Another researcher posting on Twitter claimed that the tool used in the latest attack on the beleaguered cryptocurrency market is Luca Stealer, designed to target a range of cold and hot wallets.

Coding used by Solana hackers shared on Twitter — Sample of coding used by the hackers behind the Solana heist, contributed by researcher Matt Degen on Twitter.

“In addition to targeting applications, Luca also captures screenshots and saves them as a .png file, and performs a ‘who am I’ to profile the host system and send the details to its operators,” said Matt Degen, cybersecurity researcher.

He added: “The exfiltration of the stolen data is done via Discord webhooks or Telegram bots, depending on whether the exfiltrated file is above 50MB or not. The malware will use a Discord webhook to send the data back to the attackers for larger logs of stolen data.”

This attack comes hard on the heels of another crypto disaster, with Nomad Bridge reported on Twitter as losing $200 million yesterday in another digital heist by Bloomberg.