Disclaimer: The opinions expressed by our writers are their own and do not represent the views of U.Today. The financial and market information provided on U.Today is intended for informational purposes only. U.Today is not liable for any financial losses incurred while trading cryptocurrencies. Conduct your own research by contacting financial experts before making any investment decisions. We believe that all content is accurate as of the date of publication, but certain offers mentioned may no longer be available.
The industry already faced a worrying hack that mostly affected Solana and Ethereum users as their funds were stolen directly from their noncustodial mobile wallets, which means that millions of users could be in danger, and Trust (ironically named) and Phantom wallets are the new targets of hackers. Business analytics professor Adam Cochran has his own take on events.
According to the expert, the attack could be the result of a compromised mobile library or badly stored private keys on certain apps. His initial hypothesis was based on the fact that almost no Ethereum users became victims of the hack, and the majority of users who lost their funds were Solana investors or traders.
1/3
Spoke with a user who was hacked on both Solana and Ethereum:
-Used iOS
-Wallets were TrustWallet and Slope
-ERC20's were stolen to: 0xc611952D81E4ECbd17c8f963123DeC5D7BCe1c27
-ETH side was TrustWallet
-Assets were taken at the same time— Adam Cochran (adamscochran.eth) (@adamscochran) August 3, 2022
The main reason behind the imbalance is tied to the number of mobile wallet users on Ethereum, which is significantly lower compared to the number of mobile Solana users. Interestingly, most of the victims had been using iOS-based wallet applications.
Users quickly came back to Cochran and reported that the problem also exists on Android-based wallets like Trust Wallet, which means that there is a possibility of cross contamination when the successfull attack on one type of asset opens up the possibility of an attack on another one.
With the help of other users, Cochran and Solana Labs developers confirmed that most Trust Wallet users imported their wallet's seed phrase into the Slope Web3 application, which could be the source of the contamination. With a seed phrase, hackers are able to receive direct access to funds on Trust or any other wallet, including Phantom.
As of now, developers are still looking for breaches and other security issues on the network.