More hacking going on ...
Solana Wallets Targeted in Latest Multimillion Dollar Hack
Quote:
The Solana ecosystem appears to be the victim of crypto’s latest exploit, with users reporting that their funds have been drained without their knowledge from major internet-connected “hot” wallets including Phantom, Slope and TrustWallet.
The attack is still ongoing, and over 8,000 wallets have been compromised thus far according to blockchain auditors OtterSec. Several Solana addresses have been linked to the attack (1, 2, 3, 4), with those wallets amassing at least $5 million worth of SOL, SPL, and other Solana-based tokens from unsuspecting users.
The exact cause of Tuesday evening's attack remained unclear throughout Tuesday night, though it appears to have predominantly impacted mobile wallet users. The attacker somehow obtained the ability to sign (ie. initiate and approve) transactions on the behalf of users, suggesting a trusted third-party service may have been compromised in a so-called supply chain attack
|
With all the talent out there in hacking crypto stuff, are Cold wallets really secure? Won't a simple key logging virus compromise a cold wallet?
It seems to me there needs to be a multi-factor authentication equivalent for all wallets/sites.
Quote:
|
The attack will inevitably reignite a long-running debate around the security of hot wallets, which stay connected to the internet at all times in order to provide users a convenient way to send, store, and receive crypto. Cold wallets – USB drives that must be plugged into a computer to sign transactions – are heralded as a more secure, albeit less convenient, alternative
|