Users of the trusted applications associated with the Solana digital wallets Phantom and Slope claim that millions have been stolen as a result of an unidentified exploit relating to the wallets or the apps.
Many users and market participants claim that the vulnerability, whether it be on the Solana network or through native wallets, is draining users' cash even when they are not connected to web browsers or performing any transfers. The exacts of the exploit are still unknown.
The Phantom team said, "we are closely collaborating with other teams to investigate a reported vulnerability in the Solana ecosystem."
In addition, the team states, "At this time, they do not think this is a Phantom-specific issue." It is unknown exactly how much money was taken from users' wallets.
Users reported that they are getting alerts that they are sending tokens to an unidentified group of addresses. More than $6 million in SOL have allegedly been lost in the overall fund outflow.
Slope, a web-based cryptocurrency wallet, is also receiving reports of exploits from its users. It has been reported that the attacker stole both SOL and Solana Program Library (SPL) tokens.
On Twitter, a user going by the handle @Paladin claimed that multiple people with knowledge of the incident had their wallets "emptied arbitrarily."
The attack appears to affect all Solana-based tokens, and advice for securing coins include staking, moving them to a ledger, and removing them from trusted apps like NFT marketplace Magic Eden.
Hacks and exploits involving DeFi and NFTs keep growing. For the first three months of this year alone, Blockworks reported hacks totaling more than $1.2 billion, which looks to be an increase in frequency for the nascent industry.