Crypto Owners Hit By Two Attacks In One Day

Crypto owners were hit by two separate attacks on Aug. 2.

First, the Nomad blockchain bridge, which lets users swap tokens between blockchains, experienced a $200-million hack due to a smart contract bug. 

Later in the day, an attack by “a malicious actor” compromised digital wallets on the Solana network, a popular blockchain known for its fast transactions.  As of this morning, the hackers had compromised 7,767 wallets and stolen $5.2 million in digital coins. That attack was reported by Solana Status, a Twitter account that shares Solana network updates. 

At this writing, the Nomad attack appears to be over, and funds are being returned, but the Solana attack is ongoing, and the attackers’ identities remain unknown.

According to The Verge, hacks of blockchain bridges like Nomad's are now routine due to the large value of assets they tend to hold and the complexity of the smart contract code they run on. Hacks on the Wormhole bridge platform and the Ronin blockchain in February and March of this year drained $325 million and $625 million from those accounts, respectively.

The Solana wallets hack, on the other hand, "appears to be due to a flaw in certain wallet software, rather than in the Solana blockchain itself," Tom Robinson, chief scientist at London-based blockchain analysis provider Elliptic, told CNBC.

Blockchain audit firm OtterSec said the transactions seemed to be signed by the actual wallet owners, “suggesting some sort of private key compromise.” Private keys are secure codes granting owners access to their crypto holdings. 

To date, only “hot” wallets — ones always connected to the internet, for fast storage and token sending — have been compromised. They include Phantom, Slope, Solflare and TrustWallet. Solana is encouraging users to switch to hardware or “cold” wallets. 

Solana-based wallet Phantom, which received a $1.2-billion valuation in January, tweeted that it is “working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. We do not believe this is a Phantom-specific issue.”

Solana is the fifth-largest blockchain in the world, according to DeFi Llama. Since the attack began, its native token SOL has dropped 4%.

Next story loading loading..