A new crypto wallet hack targeting Android and iOS users with connected wallets containing the cryptocurrency Solana has resulted in roughly 8,000 users accounts being drained according to reports from a number of security firms.
Solana has drawn attention from crypto investors with its hockey stick growth over the last couple of years, but that will turn the heads of hackers looking to make an even quicker profit. Security firms are estimating that somewhere between $6-$8 million in Solana was drained from the accounts of these users over the last few days (via The Verge).
How did this happen?
The Solana team upon investigation believes that the attack was limited to addresses that "were at one point created, imported, or used in Slope mobile wallet applications." They do not yet have an explanation for how the exploit took place, but it is clear that the private key information or seed phrases that secured these accounts were "inadvertently transmitted to an application monitoring service."
There is no evidence the Solana protocol or its cryptography was compromised.3/3August 3, 2022
These were all "hot" wallets, or wallets that are constantly connected to the internet to facilitate ease of transfer. The Solana team recommends that drained wallets must be treated as compromised and entirely abandoned.
How can you protect yourself?
The solution in this case was to store your Solana in a hardware wallet. Our resident crypto expert Kimberly Gedeon has reviewed a number of these wallets including the Ledger Nano S Plus and the Trezor Model One. These small devices typically resemble a USB stick, but offer dramatically heightened security for your cryptocurrencies and in some cases NFT collections.
The trade-off is that naturally, it's more cumbersome to sell or transfer your crypto with the hardware wallet as you must now find it, plug it in, enter your passcode and press buttons on the device. If you are making daily moves with your crytpo investments that may seem like too much of a hassle, but the peace of mind will make it worth it. The crypto market is volatile enough without also worrying about your wallet being drained behind your back.