How Solana Vigilantes Battled Back Against the Wallet Hacker

Decrypt
2022-08-03

In brief

  • Thousands of Solana wallets were drained in a widespread hack that’s now being blamed on an exploit with the Slope mobile wallet.
  • White hat hackers spammed “malformed” transactions to slow the Solana attackers, but the spam knocked out RPC servers in the process.

We’re starting to get answers about the large-scale Solana wallet hack that saw nearly $4.5 million worth of crypto swiped from several thousand users. But on Tuesday night, there was another interesting situation in the mix—one that saw some users try to fight back against attackers through brute force.

During the initial hours of the hack—which is now being blamed on an exploit tied to the Slope mobile wallet—developers and security auditors congregated to try and figure out what was happening and how they might mitigate it. One unidentified developer apparently suggested a solution that could impede the attackers.

According to SolBlaze, the pseudonymous founder of a Solana staking pool of the same name, the developer proposed using a previously created script that “would try and write-lock the attacker's accounts, slowing their transactions down.”

Essentially, any transaction that makes a change to an account on the Solana blockchain—such as a balance change—will put a brief write-lock on that account, explained Michael Hubbard, founder and managing director of Solana validator operator Laine.

“The dev thought they could trigger constant write locks on the hacker’s accounts,” said Hubbard, “thereby preventing the hacker's transactions from executing successfully.”