Solana Is Experiencing a Large-Scale Security Incident, What Should You Know?

Huobi發佈於 2022-08-03更新於 2022-08-05

文章摘要

Multiple Solana addresses have succumbed to a widespread attack, as private keys to several wallets have been compromised.

Multiple Solana addresses have succumbed to a widespread attack, as private keys to several wallets have been compromised. Users claim that their wallet funds have been removed without their involvement, more than $8 million worth of SOL, SPL, and other tokens have been siphoned out.

Funds have been transferred to the following 4 addresses:

1:Htp9MGP8Tig923ZFY7Qf2zzbMUmYneFRAhSp7vSg4wxV;

2:CEzN7mqP9xoxn2HdyW6fjEJ73t7qaX9Rp2zyS6hb3iEu;

3:5WwBYgQG6BdErM2nNNyUmQXfcUnB68b6kesxBywh1J3n;

4:GeEccGJ9BEzVbVor1njkBCCiqXJbXVeDHaXDCrBDbmuy.

This article will continue to update:

21:08 UTC (3 August)

Slope Finance declare it will try best to solve &rectify the situation

Slope: No personal data will be stored on centralized servers, internal investigations and audits underway

20:05 UTC (3 August)

Solana Status claims it was Slope who may be responsible for this accident

08:39 UTC (3 August)

Laine repeated that the attack may still underway.

08:26 UTC(3 August)

@aeyakovenko, co-founder of Solana Labs, tweeted that the attack may target on iOS equipments.

07:39 UTC(3 August)

Move to Earn app Walken declare it was back on tack

06:48 UTC(3 August)

StepN declare it move their Treasury fund to cold wallet.

06:37 UTC (3August)

Solana Status invites those impacted to fill out a survey.

06:47 UTC(3 August)

Walken declare it will fail to load at the moment

06:32 ET (3 August)

Alavanche founder Emin Gün Sirer believe the attack was continuing.

05:57 UTC(3 August)

Laine cautioned that this has nothing to do with authorization. They also recommended users to transfer tokens to CEX or Solana CLI.

05:09UST (3 August)

Solana Status claimed to have discovered a vulnerability that allows malicious actors to steal funds from multiple Solana wallets. As of 01:00 today, approximately 7767 wallets were affected.

00:38UST (3 August)

Well-known developer @0xfoobar said that in addition to Phantom, Slope wallet users have also reported theft, and attacker is stealing both native tokens (SOL) and SPL tokens (USDC). @0xfoobar believe it might have been an upstream dependency supply chain attack.

00:38UST (3 August)

Solana Status stated that there is currently no evidence that hardware wallets will be affected, and follow-up information will be released as soon as the investigation progresses.

00:50UST (3 August)

OtterSec confirmed 5000 have been drained, they added: the attacker is signing for the actual keys, meaning it’s not just a delegate issue.

00:33UST (3 August)

STEPN posted an urgent notice of Solana

00:32 UST (3 August)

Phantom, with the largest SOL users, is actively looking for the solution, and they do not believe it is their problem:

00:08 UST (3 August)

Magic Eden warned that there seems to be a widespread SOL exploit at play that's draining wallets throughout the ecosystem

13:13 UTC (3 August)

Solana Status tweeted that engineers from across several ecosystems, in conjunction with audit and security firms, continue to investigate the root cause of an incident that resulted in approximately 8,000 wallets being drained. This does not appear to be a bug with Solana core code, but in software used by several software wallets popular among users of the network.

你可能也喜歡

灰度抄底指南:利用现金流评估加密货币价值

本文探讨了在加密货币市场下跌背景下,如何利用现金流评估加密资产价值,并以去中心化借贷协议Aave为例进行深入分析。 核心观点认为,并非所有加密资产都适用相同估值方法。像比特币这类“类商品资产”依赖稀缺性和共识,而许多DeFi代币等“现金流资产”则与协议业务活动绑定,可通过分析协议收入、利润及代币价值捕获机制来估值。 报告指出,DeFi已成为能产生持续真实收入的赛道。Aave作为头部借贷协议,财务数据透明,拥有多元收入来源和雄厚国库。通过现金流折现(DCF)分析和与传统金融科技公司(市盈率约20-25倍)对比,灰度研究部认为AAVE代币当前合理估值区间为80-100美元(现价约75美元)。报告还预测,在监管明确化等利好情景下,其一年内价值可能升至约175美元。 文章强调,代币价值捕获机制至关重要,即协议如何将利润回馈给代币持有者(如回购、分红)。Aave通过治理演进,正加强协议经济与代币价值的绑定。同时,DAO的法律地位与监管政策(如《CLARITY法案》)仍是影响估值的关键不确定因素。 最后,报告认为市场正趋于成熟,资金从炒作项目流向具备实质收入、清晰商业模式和基本面的资产。投资者应关注如Aave、Uniswap等真正创造现金流的协议,运用基本面分析发现投资机会。

marsbit21 分鐘前

灰度抄底指南:利用现金流评估加密货币价值

marsbit21 分鐘前

半导体领涨之后,资金在买 AI 订单还是宏观反弹?

本文探讨了在美伊达成停火框架、霍尔木兹海峡通航风险缓和后,美股科技股(尤其是半导体和AI硬件板块)上涨背后的驱动逻辑。 核心观点认为,地缘风险降温降低了通胀预期和利率压力,为高估值的成长股提供了估值修复的窗口。然而,此次上涨并非对所有科技股的无差别追捧,资金更集中地流向了芯片、光互联、存储及本土制造等AI基础设施硬件链条。 这反映出市场对AI投资的偏好已从早期的宏大叙事,转向更关注能从数据中心实际资本开支中获得确定订单和收入验证的环节。例如,Astera Labs强劲的财报数据就支撑了光互联等细分领域的需求故事。 英特尔的大涨尤为引人注目,主要受特朗普宣称其将与苹果合作在美国制造芯片的消息催化。这更多是政策叙事与市场风险偏好回升共同作用的结果,其长期基本面仍待具体合作细节和财务贡献的证实。 总而言之,当前行情本质是宏观风险缓和下的选择性估值修复,而非AI基本面的全面逆转或新周期的确证。后续走势的持续性,将高度依赖于未来财报中云厂商资本开支、AI服务器订单以及相关硬件公司收入指引等数据的验证。地缘政治谈判的进展与稳定性也将持续影响市场风险偏好。

marsbit26 分鐘前

半导体领涨之后,资金在买 AI 订单还是宏观反弹?

marsbit26 分鐘前

Kraken 在其应用程序内直接添加 Solana 链上代币交易功能

Kraken在其主应用中直接集成了Solana链上代币交易功能。符合条件的美国及全球100多个国家的用户,在功能上线初期即可交易约2500种基于Solana的代币。 该功能旨在简化链上交易体验。用户无需创建外部钱包、保管助记词或切换应用,即可通过熟悉的Kraken界面直接访问去中心化市场的流动性。用户的链上资产将与其Kraken账户内的其他资产一并显示,减少了中心化交易所与自我托管活动之间的体验隔阂。 此功能背后由Privy的嵌入式钱包技术和Solana去中心化交易所协议提供支持,交易机制在后台处理。Kraken明确表示,通过此方式交易的代币并未像中心化上币那样经过严格审查,因此市场风险依然存在。 这一举措反映了主要交易所正试图将更多DeFi活动融入其主流零售界面。面对用户转向链上交易新资产的趋势,交易所正构建工具以使链上体验更易访问。Kraken的Solana集成是该趋势的一部分,它虽不取代专业用户的DeFi钱包,但可能让更广泛的零售用户接触去中心化交易。

bitcoinist1 小時前

Kraken 在其应用程序内直接添加 Solana 链上代币交易功能

bitcoinist1 小時前

莱特币ETF开局缓慢 表明山寨币基金仍面临需求考验

莱特币ETF起步缓慢,显示出山寨币基金仍面临需求考验。金丝雀资本的现货莱特币ETF(LTCC)成为比特币和以太坊之外产品需求的首个测试案例。数据显示,自推出以来其累计资金流入约930万美元,资产管理规模则因市场波动等因素更低,约543万美元。这与比特币和以太坊ETF的庞大规模形成鲜明对比。 这一缓慢开局表明,仅获得ETF批准并不自动转化为机构资金配置。莱特币虽历史悠久、监管轮廓相对清晰,但其“支付工具”与“价值存储”的叙事强度远不如比特币和以太坊,导致对机构的吸引力有限。 LTCC的例子并未完全否定山寨币ETF的前景,但预示未来市场将更具选择性。像Solana或XRP等拥有更强叙事的资产或能吸引不同需求。目前来看,比特币和以太坊仍是机构的主要通道,而其他山寨币ETF则需要争夺更小众的专业资金。

bitcoinist2 小時前

莱特币ETF开局缓慢 表明山寨币基金仍面临需求考验

bitcoinist2 小時前

全网吹爆 Noam 加盟,但 OpenAI 的亏损账单又厚了一页

OpenAI近期宣布聘任Transformer架构核心作者Noam Shazeer为架构研究负责人,引发全网热议。然而,同期披露的财务数据却揭示了严峻的亏损现实:2025年公司营收130.7亿美元,运营亏损高达209.2亿美元,即便调整后经营失血依然严重,2026年第一季度现金消耗达37亿美元。 文章指出,OpenAI正面临人才持续流失与研究文化褪色的困境,研究职位招聘比例大幅下降,重心已向产品迭代倾斜。Noam的加盟被视为在关键IPO窗口期提振估值的故事素材,但其个人技术能力无法直接解决公司核心的商业模式难题——海量免费用户带来的巨额算力成本(仅2025年算力租赁费就超105亿美元),以及付费转化率不足的问题。 与此同时,竞争对手如Anthropic凭借聚焦企业客户、控制成本与强调合规的策略,已实现盈利并缩小了与OpenAI的市场差距。这凸显了可持续商业模型的重要性。OpenAI天价引入明星人才,更多是资本叙事需要,而非扭转财务困局的根本解药。在持续烧钱的节奏下,公司正与时间赛跑。

marsbit2 小時前

全网吹爆 Noam 加盟,但 OpenAI 的亏损账单又厚了一页

marsbit2 小時前

交易

現貨
合約
活动图片

熱門分類right-arrow

熱門標籤right-arrow