Users’ crypto wallets on the Solana blockchain have been hacked. Researchers at blockchain analytics firm Elliptic discovered that more than $5.8 million was stolen from 7,947 digital wallets. Solana confirmed this via the Solana Status Twitter account.
The first reports of stolen money from hot wallets came last Tuesday. Hot wallets are the digital wallets, as opposed to cold wallets that use hardware to store your crypto.
According to the spokesperson for Solana blockchain, the blockchain itself has not been hacked. The problem is said to be caused by third-party software that uses apps to store cryptocurrencies.
Specifically, it would concern wallets that have used Slope (in the past). Slope is a company that develops financial analysis software. This company’s physical ledgers would be safe enough to use.
Exactly how the hack could have taken place is still under investigation. It is therefore not yet known whether an individual or a (known) hacker group is behind this. It is already known that the private keys of users have been leaked to an application monitoring service. In other words, spyware has been used to retrieve user passwords.
Other crypto trading platform penalized
It is not only the hot wallets for the Solana blockchain that face problems. The cryptocurrency division of trading platform Robinhood has also proven to be unsafe. On Tuesday evening, Robinhood was fined $30 million by the New York Department of Financial Services for violating cybersecurity and money laundering regulations.
The investment platform would contain critical vulnerabilities. For example, it does not take into account the specific security risks associated with the platform. Robinhood, for example, did not have enough employees and systems to ensure user safety. Despite that, the platform has just laid off a quarter of its staff.
Robinhood Crypto even had policies that went against cybersecurity laws in America. Think of a telephone contact option for customers who have complaints.
Robinhood must undergo an independent audit in addition to paying the fine. Cheryl Crumpton, legal counsel at Robinhood, said there is already “significant progress” in developing legal, compliance and cybersecurity programs.
This isn’t the first time Robinhood has been in the news for lax cybersecurity. In November 2021, another five million email addresses and the personal data of two million users were stolen. Then the criminal managed to loot the data by manipulating the customer service agents using social engineering.
Catch up on more articles here
Follow us on Twitter here