The Solana ecosystem has been dealt a significant blow in the form of yet another hack. This time, security analysts have identified more than 8,620 Solana wallets associated with the DEXX hack. Losses are currently estimated to be around $30 million as recovery initiatives are in progress.
DEXX, a meme coin trading terminal, was the victim of a security exploit on November 16. A private key leak resulted in losses for at least 900 unique users, with MistTrack reporting that the majority of victims suffered losses of less than $10,000. One user, however, lost over $1 million.
The overall damage from the attack was first estimated at $21 million, making it the second-largest hack in November after the Thala hack, which cost $25.5 million. With time, the estimation has crept up to $30 million.
How is DEXX managing the situation?
DEXX founder Roy first revealed on the X platform that independent security firms would reveal all hacker addresses. The community was asked to watch the addresses and report any suspicious activity to the platforms so that they could be blocked and intercepted immediately.
They have also tried to negotiate with the hackers. Thala also applied the formula to successfully negotiate with the hackers of its DeFi Protocol and recovered $25 million.
Mr./Ms. Hacker,
We have received strong support from security agencies, partners and exchanges to locate our stolen token. We are also monitoring your addresses to freeze the stolen funds in a timely manner. We ask that you resolve this incident within the next 24 hours. This…
— DEXX (@DEXXai_EN) November 23, 2024
The account added, “Once you have returned the funds, we will immediately destroy all information we currently have about the hack. We will also stop all follow-up tracking and analysis. You will no longer be held responsible. However, if you do not comply, we will continue our investigation with the local police, security agencies, and the exchanges to take enforcement action to protect user assets, however long that takes.”
DEXX claims it is currently getting security upgrades. It also advised users not to make any deposits to the site. However, some users have continued to mke deposits despite warnings, which has led to more theft as the hacker’s script is still operating.
The hacker owns secret keys; hence, it could not be possible to get assets back via the exact same route. They have said that a new pay address will be added to help with fund returns.
Solana deals with hot wallets, always connected online, which let their owners make or get money right away. Sadly, this also generates certain security concerns. How the breach happened, how many people were impacted, and whether the victims could get their money back remain unknown.
Wallet hacks have been a problem this year
Solana is a blockchain that supports builders creating crypto apps and has SOL as its crypto coin. SlowMist, a crypto-security firm, has published a document identifying over 8,620 Solana addresses suspected to be associated with the DEXX criminal.
In August 2022, Solana suffered an attack that affected almost the same number of addresses. The hackers attacked the Solana crypto ecosystem and compromised over 8,000 wallets. They drained over $5.2 million in digital coins, including Solana’s SOL token and USD Coin.
After investigating the incident, Solana quickly concluded that the majority of the victims were those who used mobile wallets. In light of this, they recommended hardware wallets instead, as there is no evidence to suggest that they have been affected by the vulnerabilities.
This new hack has proved that hardware wallets are also in some way vulnerable.
CNBC reported that cybercriminals stole $1.38 billion worth of crypto from January 1 to June 24. The theft levels more than doubled the $657 million stolen in the same timeframe the previous year.
In addition, hackers stole digital assets worth more than $71 million in November. In 2024, this will bring the total value of crypto stolen to more than $1.48 billion.
Crypto is growing bigger, but hackers are becoming more daring. The ongoing cyberattacks by cryptocurrency hackers are clearly tarnishing the industry’s reputation.
A Step-By-Step System To Launching Your Web3 Career and Landing High-Paying Crypto Jobs in 90 Days.