On the night of Tuesday to Wednesday, August 3, thousands of users of wallets like Phantom and TrustWallet were robbed of their Solana and SOL-related coins. In the hack, which is still ongoing, $8 million worth of crypto has been stolen.
UPDATE August 4: It seems that the hack is not related to a problem with Solana but of a wallet. The Slope wallet may have had a batch of private keys stolen from a database. The trail began with the fact that all the wallets that were hit were either Slope or exchanged account information with Slope.
The hack only concerns so-called hot wallets such as the Solana web wallet Phantom. Hardware wallets do not seem to be affected, which is to be expected. There is also no known theft of accounts from crypto exchanges.
Hot wallets are crypto wallets that are always online and thus more vulnerable to hacks. For the Ethereum ecosystem, for example, this is MetaMask: an app or browser extension that makes it very easy to sign for transactions. For the Solana ecosystem, Phantom is the a popular wallet.
Most of the hacks this past year involved bridges between two chains. Consider the hack of the Ronin bridge and the most recent example of the hack of the Nomad protocol. The Solana hack is different. Somehow, malicious parties seem to have gotten their hands on the private keys of thousands of SOL owners.
The hack again shows how experimental and vulnerable some alternative Layer 1s still are. Solana in particular continues to be plagued by setbacks. The high transaction volume that the chain makes possible has often come at the expense of uptime: there have already been several occasions when the chain came to a standstill. Now security also seems to have fallen victim to Solana's rapid success.
In the face of all this brutal technological Darwinism, SOL's price fell by only a few percent.