Phantom Assures Users of Wallet Security after Solana Library Vulnerability

Dec 4, 2024 at 10:00 am UTC

A detailed analysis revealed that the compromised library versions contained hidden code designed to steal private keys and send them to a specific wallet address.

Phantom, a crypto wallet provider on the Solana blockchain, has informed its users that its platform remains secure despite a vulnerability found in the Solana/web3.js library. The wallet provider announced on its X page that its security team has confirmed it never used the exploited versions of the library (1.95.6 and 1.95.7). Through this announcement, Phantom is reassuring its users that the vulnerability does not affect their wallets or funds.

The issue originated from a post by Solana developer Trent.sol, who warned users that versions 1.95.6 and 1.95.7 of the Solana/web3.js library were compromised by a vulnerability that leaks private keys, putting users’ funds at risk. He advised users of these versions to immediately upgrade to version 1.95.8. He also called on services with blacklisting capabilities to block the specified wallet address potentially associated with the exploit.

Many of Phantom’s users have praised its security assurance. One crypto commentator wrote that Phantom keeps winning while others panic. However, another suggested that the wallet provider should improve its security by adding extra layers to prevent wallet draining.

Other Solana Projects React to the Web3.js Library Issue

Other projects running on the Solana blockchain have also addressed the vulnerability. Solflare, another wallet provider on the SOL blockchain, stated on its X page that it is not affected by the recent security issue involving the Solana web3.js library. It added that it uses fixed software versions and carefully checks its code to prevent attacks. Solflare wrote:

“Solflare is not impacted by the recent issue with solana/web3.js. We enforce version locking and conduct rigorous code reviews, both manual and automated, to protect against supply-chain attacks. Your keys remain safe and secure with Solflare.”

Similarly, Drift, a decentralized exchange on Solana, has addressed the issue, stating that it was not affected by the vulnerability and that its codebase does not depend on the two compromised versions of Solana/web3.js.

Security Challenges Persist for Blockchain Systems

The disclosure of this vulnerability by trent.sol shows the ongoing security challenges in blockchain systems. A detailed analysis revealed that the compromised library versions contained hidden code designed to steal private keys and send them to a specific wallet address.

Socket, a developer security platform, explained the potential impact of the malicious activity, stating that developers who integrate the compromised version into their projects could expose their private keys, while users of apps built with the compromised library could lose their funds if their private keys are taken.

“Developers integrating these versions into their projects risk exposing their private keys. Users of applications relying on the compromised library may have their wallets drained if private keys are compromised,” Socket explained.
