CoinDesk announced that Solana’s ecosystem is the latest to fall victim to a hack. More than 8,000 users’ hot wallets were affected thus far, with several Solana addresses linked to the breach. The breach has mostly hit mobile users, as the hackers were able to approve transactions on behalf of users. Some say that this indicates it may have been a third-party vendor which was breached in a supply-chain hack.
“I’ve been saying it for years, so it probably doesn’t make a difference to say it yet again, but it just isn’t wise for investors to leave their assets in a hot wallet. Yes, cold wallets aren’t nearly as convenient for making transfers, but they also don’t represent an easy target for hackers, either. Use your cold wallet. Take charge of your custody. Right now, custodians and exchanges aren’t doing enough to keep your assets safe. You must do it yourself,” said Richard Gardner, CEO of Modulus.
Magic Eden, a Solana-based non-fungible token marketplace, tweeted to advise users to “[m]ove everything to a cold wallet/ledger.”
“It amazes me that, no matter how many hacks occur, no matter how many losses, investors still prefer a hot wallet for convenience’s sake. Solana is one of the largest blockchains by value. Whether they, or their third-party vendor, were attacked is neither here nor there. If Solana can be breached, there’s no safe space. Until the government offers the industry a set of guidelines to keep this from happening, it will continue to happen,” said Gardner.
“The EU put together MiCA, and that’s really pushed the UK and the United States to move faster than they anticipated on digital asset regulatory reform. But even MiCA has an extended runway. The industry really needs guidance immediately. Every day that passes allows exchanges, custodians, and other operators to move forward without safeguarding their customers completely,” said Gardner.
“What we need, beyond the kinds of regulations that we’ve seen bandied about, is something with teeth that instructs the industry to implement best practices throughout their organization. We need to ensure that the technology which safeguards investor assets is technically sound. We need to ensure that the operators are eliminating human error, as much as possible. We need to ensure that exchanges are built with the technology required to withstand significant manipulation. So many exchanges were built to get to market quickly. And, they did that. But, they never spent the required time to actually ensure that their exchange was technologically sound,” said Gardner.