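On August 3, it was reported that Phantom and Slope wallets on the Solana blockchain had been drained. The source of the attack and the underlying vulnerability have not yet been determined, and the attack is still ongoing.
The addresses attacked so far share three notable characteristics:
- The attacker has so far only transferred SOL tokens and the stablecoin USDC
- The vast majority of affected wallets had not been logged into for more than 6 months
- Phantom and Slope wallet users make up the vast majority of affected users, at roughly 7,000-plus addresses
Solana's official position so far is that the vulnerability does not necessarily lie in Solana's core code, and more likely lies in software that interacts with third-party wallets.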
Engineers from across several ecosystems, in conjunction with audit and security firms, continue to investigate the root cause of an incident that resulted in approximately 8,000 wallets being drained. 1/2
— Solana Status (@SolanaStatus) August 3, 2022
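Anatoly Yakovenko, co-founder and CEO of Solana Labs, believes that because the asset transfers were not carried out through smart contracts, the vulnerability likely stems from stolen private keys or seed phrases.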
Only a token specific delegation or an auto approve or a leaked seed could transfer assets from a wallet on behalf of the user. Since system transfers are happening, that rules out delegation. There is no way an “interaction” could make a wallet vulnerable t.co/Pdrmjk1WYZ
— SMS T◎ly, 🇺🇸 (@aeyakovenko) August 3, 2022
Phantom, for its part, has stated that it does not currently believe this is a Phantom-specific vulnerability and that the investigation is still under way.
We are working closely with other teams to get to the bottom of a reported vulnerability in the Solana ecosystem. At this time, the team does not believe this is a Phantom-specific issue.
As soon as we gather more information, we will issue an update.
— Phantom (@phantom) August 3, 2022
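Hardware wallets are currently known to be unaffected. To prevent losses, anyone holding the assets mentioned above is advised to first move them to a hardware wallet or a trusted centralized exchange, and to revoke any suspicious approvals in their wallet as soon as possible.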