Alert: Massive Solana Hack – Popular Web3.js Library Compromised, Crypto Wallets at Risk

A critical security incident occurred involving Solana’s JavaScript SDK (@solana/web3.js):

– Two malicious versions (1.95.6 and 1.95.7) were released through a compromised publish-access account

– The attack targeted cryptocurrency private keys and wallet credentials

– Approximately 350,000 weekly downloads were potentially affected

– The breach lasted from 3:20pm to 8:25pm UTC on December 2, 2024

Technical Details:

– Attackers implemented a malicious “addToQueue” function

– Five key functions were compromised:

* fromSecretKey()

* fromSeed()

* createInstructionWithPublicKey()

* createInstructionWithPrivateKey()

* account constructor

– Stolen data was sent to https://sol-rpc[.]xyz/api/rpc/queue

Impact:

– Estimated $184,000 in cryptocurrency stolen

– Multiple tokens affected including Solana, USD Coin, and various others

– Non-custodial wallets were generally unaffected

Remediation:

– Users should upgrade to version 1.95.8

– Affected users must rotate all keys

– Compromised wallets should be abandoned and funds transferred to new wallets
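
To check whether a project actually resolved to one of the two malicious releases, the npm lockfile can be scanned for them, including copies pulled in transitively. The following is an added example, not code from the Solana project or the original article; the sample lockfiles are constructed and the dependency name "some-wallet-sdk" is hypothetical.

```javascript
// Added example, not from the original article. Package name and bad
// versions are taken from the advisory; "some-wallet-sdk" is hypothetical.
const PKG = '@solana/web3.js';
const BAD = new Set(['1.95.6', '1.95.7']);

// Return every install of PKG pinned to a compromised version in a parsed
// npm lockfile, including nested (transitive) copies.
function findCompromised(lock) {
  const hits = [];
  const check = (name, path, meta) => {
    if (name === PKG && BAD.has(meta.version)) hits.push({ path, version: meta.version });
  };
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by install path.
    for (const [path, meta] of Object.entries(lock.packages)) {
      check(path.split('node_modules/').pop(), path, meta);
    }
  } else {
    // lockfileVersion 1: nested "dependencies" tree.
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps || {})) {
        const path = `${prefix}node_modules/${name}`;
        check(name, path, meta);
        walk(meta.dependencies, `${path}/`);
      }
    };
    walk(lock.dependencies, '');
  }
  return hits;
}

// Constructed sample lockfiles (not real project data).
const sampleV3 = { lockfileVersion: 3, packages: {
  '': { name: 'demo-dapp', version: '0.1.0' },
  'node_modules/@solana/web3.js': { version: '1.95.8' },
  'node_modules/some-wallet-sdk/node_modules/@solana/web3.js': { version: '1.95.7' },
} };
const sampleV1 = { lockfileVersion: 1, dependencies: {
  '@solana/web3.js': { version: '1.95.8' },
  'some-wallet-sdk': { version: '2.0.0',
    dependencies: { '@solana/web3.js': { version: '1.95.6' } } },
} };

for (const [label, lock] of [['v3', sampleV3], ['v1', sampleV1]]) {
  for (const hit of findCompromised(lock)) {
    console.log(`${label}: ${hit.path} is pinned to compromised ${PKG}@${hit.version}`);
  }
}
```

On a real project, pass the parsed contents of package-lock.json to findCompromised(); any hit means keys handled by that build fall under the rotation steps above.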
