Unofficial findings suggest the malware may have been used in the attack.
Bybit announced it is suspending SOL deposits and withdrawals.
Solana wallets have been compromised. SOL holders in self-custody wallets, such as Phantom, Slope, Solflare and TrustWallet were urgently advised to revoke all permissions to the wallet and consider transferring the tokens to centralized exchanges (CEX) or cold wallets (where USB is required) such as Ledger including NFTs.
At the time of writing, hardware wallets (such as Ledger) were not compromised. The nodes temporarily stopped accepting new requests in an effort to slow down the attack.
Users that had their wallets compromised are advised to complete the following survey to allow engineers from multiple ecosystems to investigate the exploit:
Bybit announced it is suspending deposits and withdrawals of assets on the Solana blockchain including SOL:
"Due to the widespread exploit on @solana, #Bybit has taken steps to temporarily suspend deposit and withdrawal of assets on the Solana blockchain, including $SOL, to protect our clients.
"We will continue to monitor the situation. Thank you for your understanding and support!"
The hacker was able to sign the transactions with the users' private keys, which is suggesting a supply chain attack. Both desktop and mobile users that downloaded the wallets' extensions were compromised.
It has been that at least $8 million was stolen from over 8,000 wallets during the attack using different addresses. The reports that over $500 million was stolen are inaccurate.
There is an illiquid token that only has 30 holders and is highly overvalued (around $560 million).
The following 4 wallets have been linked to the attack:
Some of the wallets that have been compromised were inactive for several months.
How Were Solana Wallets Hacked?
According to unofficial preliminary findings, 'Luca Stealer' may have been behind the attack on Solana. A user on Twitter by the name of Matt Dagen outlines how the 'Luca Stealer' may have been involved in the hack.
The source code for an information-stealing malware coded in Rust was recently released for free on hacking forums. The malware steals stored credit card info, login credentials as well as cookies. It has been suggested that the malware was used in the attack.
The malware targets wallet browser add-ons of both cold and hot wallets including Discord tokens, Steam accounts and more.
The stealer targets a range of 'cold' cryptocurrency and 'hot' wallet browser add-ons, Steam accounts, Discord tokens, Ubisoft Play and more.
In addition, Luca captures screenshots that are saved as a png file, executes a 'whoami' and send the details to the bad actor.
Although it is not generally found in Luca according to Matt, a clipper is used to modify clipboard contents in order to hijack crypto transactions.
One notable capability typically found in other info-stealers but is not available in Luca is a clipper used to modify clipboard contents to hijack cryptocurrency transactions.
The stolen data is extracted via Discord webhooks and telegram bots (depending if the file exceeds 50MB). The program then uses Discord webhooks to send the data to the bad actor in a ZIP archive.
A summary is provided on the stolen 'loot,' allowing the attacker to estimate the value of the stolen data.
It is important to highlight these are not the official findings. The exploit is still being investigated by engineers.
Solana wallets have been compromised. SOL holders in self-custody wallets, such as Phantom, Slope, Solflare and TrustWallet were urgently advised to revoke all permissions to the wallet and consider transferring the tokens to centralized exchanges (CEX) or cold wallets (where USB is required) such as Ledger including NFTs.
At the time of writing, hardware wallets (such as Ledger) were not compromised. The nodes temporarily stopped accepting new requests in an effort to slow down the attack.
Users that had their wallets compromised are advised to complete the following survey to allow engineers from multiple ecosystems to investigate the exploit:
Bybit announced it is suspending deposits and withdrawals of assets on the Solana blockchain including SOL:
"Due to the widespread exploit on @solana, #Bybit has taken steps to temporarily suspend deposit and withdrawal of assets on the Solana blockchain, including $SOL, to protect our clients.
"We will continue to monitor the situation. Thank you for your understanding and support!"
The hacker was able to sign the transactions with the users' private keys, which is suggesting a supply chain attack. Both desktop and mobile users that downloaded the wallets' extensions were compromised.
It has been that at least $8 million was stolen from over 8,000 wallets during the attack using different addresses. The reports that over $500 million was stolen are inaccurate.
There is an illiquid token that only has 30 holders and is highly overvalued (around $560 million).
The following 4 wallets have been linked to the attack:
Some of the wallets that have been compromised were inactive for several months.
How Were Solana Wallets Hacked?
According to unofficial preliminary findings, 'Luca Stealer' may have been behind the attack on Solana. A user on Twitter by the name of Matt Dagen outlines how the 'Luca Stealer' may have been involved in the hack.
The source code for an information-stealing malware coded in Rust was recently released for free on hacking forums. The malware steals stored credit card info, login credentials as well as cookies. It has been suggested that the malware was used in the attack.
The malware targets wallet browser add-ons of both cold and hot wallets including Discord tokens, Steam accounts and more.
The stealer targets a range of 'cold' cryptocurrency and 'hot' wallet browser add-ons, Steam accounts, Discord tokens, Ubisoft Play and more.
In addition, Luca captures screenshots that are saved as a png file, executes a 'whoami' and send the details to the bad actor.
Although it is not generally found in Luca according to Matt, a clipper is used to modify clipboard contents in order to hijack crypto transactions.
One notable capability typically found in other info-stealers but is not available in Luca is a clipper used to modify clipboard contents to hijack cryptocurrency transactions.
The stolen data is extracted via Discord webhooks and telegram bots (depending if the file exceeds 50MB). The program then uses Discord webhooks to send the data to the bad actor in a ZIP archive.
A summary is provided on the stolen 'loot,' allowing the attacker to estimate the value of the stolen data.
It is important to highlight these are not the official findings. The exploit is still being investigated by engineers.
Bitcoin Miners Expand Holdings: Hut 8's Reserve Tops $1 Billion
Executive Interview with Elina Pedersen | Your Bourse | FMLS:24
Executive Interview with Elina Pedersen | Your Bourse | FMLS:24
Executive Interview with Elina Pedersen, Chief Revenue Officer at Your Bourse at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation #nvidia #DigitalAssets #GlobalFinance #globalbanking
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Elina Pedersen, Chief Revenue Officer at Your Bourse at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation #nvidia #DigitalAssets #GlobalFinance #globalbanking
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Rauan Khassan | TradingView | FMLS:24
Executive Interview with Rauan Khassan | TradingView | FMLS:24
Executive Interview with Rauan Khassan from TradingView at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation #nvidia #DigitalAssets #GlobalFinance #globalbanking
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Rauan Khassan from TradingView at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation #nvidia #DigitalAssets #GlobalFinance #globalbanking
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Nadia Edwards-Dashti | Harrington Star | FMLS:24
Executive Interview with Nadia Edwards-Dashti | Harrington Star | FMLS:24
Fintech Talent in the UK: The Human Factor Driving Industry Change 🌟
What does it take to attract, retain, and upskill the best fintech talent in today’s rapidly evolving UK market? In this engaging interview, Nadia Edwards-Dashti, Chief Customer Officer at Harrington Star, explores the future of talent recruitment, the rise of sales roles, and how AI is reshaping the industry—without replacing the human touch.
#fmls #fmls24 #fmevents #recruitment #financialcareers
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Fintech Talent in the UK: The Human Factor Driving Industry Change 🌟
What does it take to attract, retain, and upskill the best fintech talent in today’s rapidly evolving UK market? In this engaging interview, Nadia Edwards-Dashti, Chief Customer Officer at Harrington Star, explores the future of talent recruitment, the rise of sales roles, and how AI is reshaping the industry—without replacing the human touch.
#fmls #fmls24 #fmevents #recruitment #financialcareers
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Roberto Politano | Finnovate Finance | FMLS:24
Executive Interview with Roberto Politano | Finnovate Finance | FMLS:24
Executive Interview with Roberto Politano from Finnovate Finance at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
Executive Interview with Roberto Politano from Finnovate Finance at the Finance Magnates London Summit 2024
#fmls #fmls24 #fmevents #RetailTrading #FintechInnovation
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
#fmls #fmls24 #fmevents #cyptotrading #DigitalAssets #pepperstone
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!
#fmls #fmls24 #fmevents #cyptotrading #DigitalAssets #pepperstone
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates.
Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage.
Subscribe to our YouTube channel for more!