Two unknown wallets have drained over 5,000 Solana crypto wallets, wherein doing so, they have taken over $4 million worth of Solana and USDC. That being said, when accounting for all of the wallets that have been affected, such a figure rises to a staggering 15,220 (according to Solscan).
The attack appears to have originated on the Solana browser wallet Phantom, with comprised private users’ keys reported to be the source of the breach. Such consensus was rendered due to the fact that the transactions were signed by the actual owners of the wallets.
With the exploit appearing to be ongoing, there is an outcry for community members to secure their Solana assets via two different methods.
The first way of securing your assets is to revoke all Trusted Apps and permissions in your Phantom wallet, which can be done by following the instructions in the image below.
For those worried about losing staking benefits from revoking access, you need not worry as nothing will be altered with regards to the staking contract. The same applies to losing access to such funds once the exploit is resolved, as all you will need to do is reconnect.
That being said, as the source of the exploit hasn’t been categorically pinpointed, Phantom Wallet users are also encouraged to move assets to a hard wallet such as a Ledger.