Around $200 million has been wiped off the crypto market in two consecutive hacks this week. These attacks have affected thousands of crypto investors, with many reporting zero balances in their crypto wallets.
The latest hack involves Solana, a popular blockchain and token, which on Wednesday reported that around 8,000 wallets, where users store their digital assets, were affected by a hack that drained Solana tokens and stablecoin USD worth over $7 million.
The company says engineers are working to find the exact cause of the hack but claims it is not a bug within its blockchain. "Engineers from across several ecosystems, in conjunction with audit and security firms, continue to investigate the root cause of an incident that resulted in approximately 8,000 wallets being drained. This does not appear to be a bug with Solana core code, but in software used by several software wallets popular among users of the network," says a Solana statement.
The hack targeted "hot wallets" such as Slope, Phantom and TrustWallet that were inactive but connected to the internet. The exploit allowed a malicious actor to drain funds from a number of wallets on the Solana platform.
The investigation has found that "affected addresses were at one point created, imported, or used in Slope mobile wallet applications". The company later confirmed that this exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.
The details of exactly how this occurred are still under investigation, but Solana’s findings reveal that "private key information" was "inadvertently" transmitted to an application monitoring service. However, Solana says there's no evidence the Solana protocol or its cryptography was compromised.
Solana also says that no hardware wallets, also known as cold wallets, were impacted – and even asked users to use hardware wallets.
"Do not reuse your seed phrase on a hardware wallet - create a new seed phrase. Wallets drained should be treated as compromised, and abandoned," it explained.
The hack at Solana came after a security breach at Nomad, a blockchain bridge, this week, where hackers took hold of assets worth $190 million. The company said it's working with leading chain analysis and intelligence firm TRM Labs, and law enforcement agencies to trace and recover funds. It also set up a recovery address for whitehats to return recovered funds.
A blockchain bridge allows transactions between two blockchain networks, and ensures interoperability in real time.
As for technical fixes, Nomad says it's developing a plan of action and will update its community soon, while calling it a "challenging situation". In an unusual note, the company requested white hat hackers – or ethical hackers – to return tokens if they took them to flag a flaw in the Nomad system. As an update, the company shared that funds worth $16.6 million had been returned by whitehat hackers to Nomad recovery wallet addresses.
"If you are a white hat hacker or ethical security researcher who took ETH or ERC-20 tokens with the intention of returning them, we now have a process for you to do so," says the company, adding that it has tied up with Anchorage Digital, a nationally regulated custodian bank, to accept and safeguard such tokens.
What are hot & cold wallets?
Hot and cold wallets are like digital banking accounts, which allow transactions with different blockchain networks. While cold wallets comprise paper and hardware wallets, hot wallets come in mobile, desktop or hybrid forms.
With a cold wallet, either its owner is the only custodian or the exchange holds the keys to access its funds, while hot wallets can be custodial or non-custodial. In the crypto world, hot wallets are more popular than cold wallets as they allow lightning-fast transactions due to their constant connectivity to the internet. But, at the same time, cold wallets are more secure for storing digital assets and are less prone to hacks. Cold wallets work like USB drives and are connected to computers only to authorise transactions.
In India, the recent Solana hack could have minimal impact but might have affected traders using compromised wallets like Phantom, Slope and TrustWallet. Notably, Solana tokens are traded actively in India.
Crypto exchanges have advised users to store digital currency in cold or hardware wallets. Most Indian crypto exchanges use hardware wallets, whose private keys are managed by a trusted third party, i.e. the exchanges.
Guillaume Le Saint, founder, Atato, an MPC crypto custody solution, says the ‘hacked’ transactions were being signed by wallets themselves, which suggests compromised private keys, but we should wait for Slope Wallet’s post-mortem report before drawing any conclusions. "Users must always take extra care of their private key, and seed phrases. This information should never exist on any given computer, ideally, which is possible thanks to newer technologies like multi-party computation."
Shivam Thakral, CEO, BuyUcoin, says the crypto market seems to be unaffected by the latest Solana hack as most of the crypto assets ended day trade in the green zone.
"Popular layer 1 coin Solana dropped by almost 4% as the hack was reported. It will be interesting to see the Ethereum vs Solana saga unfold as Solana was pegged as an alternative to the Ethereum blockchain due to the latter’s low fee," he says.
The two hacks in one week have rattled the already shaky crypto industry, which is yet to come out of the global sell-off period, in which most cryptos have lost value amid the uncertain environment.