Loading...
Market
Will Solana transaction volumes drop by 25% or more by December 31, 2024, due to the Web3.js breach?
3
Resolution / Starting Odds
Yes • 50%
No • 50%
Transaction volume data from Solana blockchain explorers
Story
Solana Web3.js Library Versions 1.95.6, 1.95.7 Compromised in Supply Chain Attack
Dec 3, 2024, 10:38 PM
A critical security breach has been identified in the popular Solana JavaScript library, @solana/web3.js, used for connecting Solana-related technologies to blockchain nodes. Versions 1.95.6 and 1.95.7 of the library were compromised through a supply chain attack, injecting malicious code, referred to as a secret stealer, that leaks private keys to a remote server, enabling attackers to drain cryptocurrency wallets. Developers and users relying on these versions are advised to upgrade to version 1.95.8 immediately, as version 1.95.5 remains unaffected. Security organizations, including @_SEAL_Org, flagged the issue promptly, and guidance on identifying potential impacts has been shared by the crypto security community. Services capable of blacklisting affected addresses have been urged to act. The incident underscores the risks associated with supply chain vulnerabilities in widely used software libraries.
View original story
Similar markets
Yes • 50%
No • 50%
Phantom • 25%
Solflare • 25%
Brave Wallet • 25%
None • 25%
Cease use of the library • 25%
Switch to a different library • 25%
Upgrade to version 1.95.8 • 25%
Implement additional security checks • 25%
No • 50%
Yes • 50%
Cardano (ADA) • 25%
Ethereum • 25%
Bitcoin • 25%
Other • 25%