Moneycontrol PRO

Decrypting the Solana Wallet attack and how investors can safeguard their crypto holdings

With reports indicating around 8,000 ‘hot’ wallets were compromised in the attack, experts advise investors to switch to hardware wallets for better security.

August 04, 2022 / 06:30 PM IST

Close on the heels of cross-chain messaging platform Nomad being the target of a $200-million crypto heist, investors using ‘hot’ or internet-connected crypto wallets on the popular blockchain Solana were under attack from an unknown bad actor.

Over $8 million stolen from 8,000 investors

With crypto holdings worth over $8 million stolen from approximately 8,000 investors, this latest attack has raised many questions about the security offered by both the Solana network and ‘hot’ wallets that are quite popular with the average crypto investor.

While Solana’s official Twitter account was quick to clarify that the attack was not the result of any compromise in the network’s software, it added that its team of engineers is fervently working with security researchers and ecosystem teams to identify the root cause of this wallet hack.

Create new wallets, delete old ones


According to Anndy Lian, chief digital advisor to the Mongolian Productivity Organization, investors should not take these events lightly and should expect a complete analysis by the end of this week.

“While it is my opinion that a decentralised network should stay independent and operate purely by codes, I think the team at Solana should re-check all their partner systems and increase their security to prevent any other possible exploits. Investors ought to remain vigilant and take necessary precautions at their end,” he said.

“I would suggest users create a new wallet, move their funds over to the new wallet and delete the old ones. They can also consider moving their funds to the more reputable centralised exchanges or hardware wallets too. Keeping assets secure amid the uncertain situation is the best way for now,” he added.

Preliminary investigations have revealed that this exploit was limited to just the Slope wallet on the Solana ecosystem, while hardware wallets used by Slope remained unscathed.

According to Solana, affected wallet addresses were at one point created, imported or used in Slope mobile wallet applications, and their private key information was transmitted to an application monitoring service.

Do not store private keys on computers

Commenting on the Solana network and the underlying sentiment, Lin, a senior analyst at Block Review, said that, according to his statistics, negative sentiment for Solana stood at 10.5 percent over the last seven days, against around 6.2 percent for Ethereum, and that in his opinion anything below 15 percent is still okay.

“Coming back to the private keys that were compromised, I think any of this information should never be on any computer at any given time. This part should be taken care of and well audited by the wallet providers. Users, on the other hand, have to take extra care of their private keys and seed phrases,” Lin said.

Solana has already urged investors affected by the attack to abandon the affected wallets as they could still be compromised even after revoking wallet approvals.

While the exact modus operandi employed is still unknown, crypto industry leaders have highlighted that the suspect transactions were properly signed, further indicating that it could be a supply chain attack with a specific focus on Slope ‘hot’ wallet users.

Investors should opt for cold or hardware wallets

Elaborating on how hackers can still steal from a compromised wallet, Raj Kapoor, founder of India Blockchain Alliance, said that since private keys are stored in application and device wallets, hackers can access them and steal cryptocurrencies, which sums up the Solana hack.

“If your wallet has been compromised, it’s paramount that you transfer any existing funds from your compromised wallet to another wallet. Hackers will wipe your account of funds immediately, but if you're lucky and they have not done this yet, it's time for investors to take immediate action,” he added.

Since most hacks hit “hot” wallets, investors should opt for cold or hardware wallets instead. While investors may need some of their holdings online for transactions, they should keep online only what they need in the short term and store most of it offline.

A cold crypto wallet, which is similar in size to a USB device, holds a private key that can be used to access your funds. Investors can set their own private keys as well.

Use multi-factor authentication

Investors should also use multi-factor authentication (MFA) as this creates a layered defence on their account with independent credentials based on a password, security token, and/or biometrics.

Phishing is another danger and to prevent it, investors should never log in to their cryptocurrency exchange unless they are sure they are on the correct site.

Do not share information over texts, emails

Additionally, investors should not trust texts, emails or chats that ask for their personal information.

Avoiding public WiFi is also a good idea, as is updating your software from time to time. Change passwords regularly and use a password manager like LastPass or 1Password.

‘Hot’ wallets are vulnerable

As Solana continues to work with Slope Finance in conjunction with their partners OtterSec and SlowMist to restore normalcy, this incident again serves to highlight the vulnerability of ‘hot’ wallets to cyberattacks, despite the faster transaction times offered by them.

Comprising the entire collection of web-based, mobile and desktop wallets available today, ‘hot’ wallets should be used in conjunction with ‘cold’ or hardware wallets to strike the perfect balance between speed, functionality and security.

For those actively trading in crypto tokens and other crypto assets, it is recommended to hold trading funds in a ‘hot’ wallet while the bulk of their crypto holdings remains secure in a ‘cold’ or hardware wallet.

Designed to be immune to hacking, hardware wallets need to be plugged into a computer or accessed via Bluetooth and the signing of transactions is done “in-device”.

Nearly impossible to hack hardware wallets

Since a user’s private keys never leave the device, stealing funds from a hardware wallet is an almost impossible task for malicious cyber entities. Ranging from 50 to a few hundred dollars, the security offered by these hardware wallets more than compensates for the one-time costs involved and is highly recommended for all crypto investors out there.
Murtuza Merchant is a senior journalist and an avid follower of blockchain and cryptocurrencies.
first published: Aug 4, 2022 06:30 pm