Millions Drained in Widespread Solana Wallet Exploit

  • Multiple people took to Twitter on Wednesday to report funds being drain from their Solana-based wallets, including Phantom, Slope, and TrustWallet.
  • Although it is a widespread Solana exploit, with around 8,000 wallets being compromised, its root cause remains unknown.


It appears that the Solana ecosystem has fallen victim to a widespread wallet exploit, which has resulted in funds being drained from thousands of crypto wallets, Solana users reported via Twitter on 3 August.

Multiple people have complained that their funds have been drained from their hot wallets — including Phantom, Slope, and TrustWallet — without their knowledge, with Solana Status estimating that almost 8,000 wallets were compromised in the exploit. Several Solana addresses have already been connected to the attack, , with blockchain investigator PeckShield estimating that the loss to the ecosystem was around $8 million.

Several ecosystem engineers, security firms, and Solana-based platforms have already began investigations into the exploit, which allowed the attacker to sign transactions on behalf of other users. Although it appears that this is a widespread Solana exploit, its root cause remains unknown.

Prominent crypto exchange CEOs — including OKX’s Jay Hao, Binance’s Changpeng Zhao, and KuCoin’s Johnny Lyu — noted they were in contact with the Solana team, and have blocked the suspicious addresses as requested. They also took the chance to recommend to Solana users to move their holdings to their platforms as an immediate security measure.

Related Coverage
Slope Wallet Likely Tied to Solana’s Exploit
  • Solana developers claimed an investigation found no evidence that the protocol or its cryptography were compromised in the widespread exploit.
  • The investigation, however, discovered that the affected wallets were either “created, imported, or used” in Slope’s mobile app at one point in time.
a minute ago


Nomad Token Bridge Suffers $190M Security Exploit
  • Hundreds of addresses were involved in the $190 million exploit, and Nomad believes that at least some of them were white hat hackers.
  • Researcher for Paradigm has speculated that the exploit was caused by a recent update to one of Nomad’s smart contracts.
Flash Loan Exploit Drains Liquidity From Nirvana Finance
  • Hacker used a flash loan attack to manipulate and drain Nirvana’s liquidity pools, causing the protocol to lose $3.49 million in digital assets.
  • Shortly after the attack, which used a flash loan from Solend, both Nirvana’s native token ANA and NIRV stablecoin fell in price by over 80%.