Solana and Slope Pockets customers drained for alleged exploit

  • Phantom wallet users complain that funds have been drained without their consent
  • Some commentators point to exploits involving the Magic Eden wallet or NFT marketplace

Users of Solana’s digital wallets Phantom and Slope claim millions have been stolen from an unknown exploit linked to the wallets or related trusted apps.

According to multiple users and market participants, exploitation on the Solana network or through local wallets drains users of funds regardless of whether they are disconnected from web browsers or any transfers are made. Exact details of the exploit are still unknown.

“We are working closely with other teams to address the reported vulnerabilities in the Solana ecosystem,” the Phantom team told Blockworks. “At this time, the team does not believe this is a Phantom-specific issue. The exact amount stolen from users’ wallets is not yet known.

Users have reported receiving messages that they are sending tokens to an unknown set of addresses. It is suspected that the total amount of funds drained to date by SOL from more than 7,760 wallets is more than 6 million. Blockworks was not immediately able to independently verify the full amount taken.

Users from an online cryptocurrency wallet Slope also reports cases of exploitation. The attacker is said to be using SOL and Solana Program Library (SPL) tokens.

One user, using the handle @Paladin on Twitter, told Blockworks that several people familiar with the situation had “accidentally drained” their wallets.

“They’ve lost thousands and most of their money, so they’re pretty depressed,” they said. “Move coins to ledger and disconnect all trusted sites.”

The paladin pointed two big wallet addresses suspected to belong to the exploiter, with a total balance of approximately SOL 37,777 (US$1.5 million). A the third walletwith about 2,402 SOL ($95,000), funds continue to drain into her address due to exploitation, Paladin said.

The exploit appears to affect all Solana-based tokens, with recommendations to move coins to a ledger, take down trusted applications such as NFT marketplace Magic Eden, or lock them out upon payment.

DeFi and NFT related hacks and exploits are on the rise. Last month, Blockworks reported that there were more than 1.2 billion dollars in the first quarter of this year alone, the frequency of the start-up sector seems to have increased.

Persistent hacking is a “basically intractable problem,” Immunefi CEO Mitchell Amador told Blockworks in an interview. “We knew things would go this way. Volatility is a part of cryptocurrencies, the amount of money coming in was going to increase.

Update: Changes headline and copy to reflect Slope Wallet users who were also affected by the exploit. Updates the Phantom team’s response.

Get the top cryptocurrency news and insights delivered to your inbox every night. Subscribe to Blockworks’ free newsletter now.

  • Sebastian Sinclair


    Senior Reporter, Asia News Section

    Sebastian Sinclair is a senior news reporter for Blockworks in Southeast Asia. He has experience covering the cryptocurrency market as well as certain developments affecting the industry, including regulation, business and mergers and acquisitions. It currently has no cryptocurrencies. Contact Sebastian by email [email protected]

Leave a Comment