- Phantom wallet users complain of draining funds without their consent
- Several commenters point to an exploit with the wallet or NFT marketplace Magic Eden.
Users of Solana digital wallets Phantom and Slope claim millions were stolen from an unknown exploit linked to the wallets or related trusted apps.
According to this several users and market participants, the exploit on the Solana network or local wallets consumes users’ funds despite disconnection from their web browser or any transfer. The exact details of the abuse are not yet known.
“We’re working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem,” the Phantom team told Blockworks. “At this time, the team does not believe this is a Phantom-specific issue.” The exact amount stolen from users’ wallets is not yet known.
Users said they received notifications that they had sent tokens to an unknown set of addresses. The total amount of funds drained so far is suspected to be more than $6 million in SOL from more than 7,760 wallets. Blockworks could not immediately independently verify the total amount received.
Users from web-based cryptocurrency wallet Slope they also report exploits. The attacker allegedly escaped with both SOL and Solana Program Library (SPL) tokens.
Twitter user @Paladin told Blockworks that the wallets of several people familiar with the situation were “randomly emptied”.
“They’ve lost thousands and most of their money, so they’re pretty depressed,” they said. “Move coins to a ledger and disconnect every trusted website.”
Paladin pointed this out two large wallet addresses It is suspected to belong to the abuser with a total balance of roughly 37,777 SOL (US$1.5 million). AND third walletPaladin said he continues to see roughly 2,402 SOLs ($95,000) being drawn to his address as a result of the abuse.
The exploit appears to affect all Solana-based tokens, with proposals to move coins to a ledger, cancel trusted apps like NFT marketplace Magic Eden, or lock them by staking.
Attacks and exploits related to DeFi and NFTs continue to increase. Last month, Blockworks, 1.2 billion dollars For the first quarter of this year alone, there appears to be an increase in frequency for the budding industry.
The sustained attack is “a fundamentally unsolvable problem,” said Mitchell Amador, Immunefi’s CEO, in an interview with Blockworks at the time. “We knew things were going to go in this direction. Volatility is part of crypto, the amount of money flowing would increase.”
Update: Changes the title and copy to reflect Slope Wallet users affected by the exploit. Updates Phantom’s team’s response.
Get the best crypto news and insights of the day delivered to your inbox every evening. Subscribe to Blockworks’ free newsletter now.
