Solana Hack Exposes Library Flaws, Costs Developers $160K

Coin Edition -

• Solana’s Web3.js hack exposed library flaws, draining $160K from dApps and key projects.
• Developers urged to update Solana library to version 1.95.8 to secure dApps from future hacks.
• SOL price fell 1.3% after the $160K loss but remains up 289.58% year-over-year.

Layer 1 blockchain network Solana (SOL) suffered a massive software supply chain attack on Tuesday, impacting the protocol’s users and developers. The attack involved the solana/web3.js JavaScript library, which is used by many decentralized applications (dApps) on the Solana blockchain.The Solana development team, Anza, reported that an account with access to publish the library was compromised. This allowed the attackers to introduce malicious code that captured private keys and transmitted them to a hardcoded address. As a result, the attackers drained funds from dApps that interacted with these private keys.

Another bad day for Solana users and developers… a massive wallet draining attack was injected into their tech stack.

The injected code captures private keys and transmits them to a hardcoded address.

Believed to be the result of a social engineering/phishing attack targeting…— phil (@phil_uplc) December 4, 2024

Read also: Solana ETFs Under SEC Scrutiny: Approval Timeline RevealedAnza stated on X (formerly Twitter) that the attack “should not affect non-custodial wallets” because they do not expose the private keys stored in the library during transactions. Only projects directly handling private keys and updated between 3:20 pm UTC and 8:25 pm UTC on Tuesday were affected.The Solana development team quickly caught and erased the unauthorized code. They also asked developers to update to version 1.95.8. Analyst “MartyParty” soon confirmed that the money flow had stopped, indicating the issue was fixed.

Impact of the Attack: Six-Figure Loss and SOL Price Decline

DeFiLlama’s pseudonymous developer, 0xngmi, pointed out that some investors reported six-figure losses. On-chain data showed that as much as $160,000 was lost, mainly in SOL tokens, along with $31,000 in other tokens. 0xngmi believes the damage could have been worse, but the situation was handled well. CoinMarketCap data shows SOL is currently trading at $235.98, down 1.3% in the past 24 hours. The digital asset dropped as low as $223, crashing to $217 on December 3 when the attack was reported. However, the altcoin has skyrocketed 289.58% since December 2023 and reached a market cap of $112 billion. The post Solana Hack Exposes Library Flaws, Costs Developers $160K appeared first on Coin Edition.

Read more on Coin Edition