Socket, a security firm that helps detect supply-chain attacks, said the back door is “believed to be the result of a social engineering/phishing attack targeting maintainers of the official Web3.js open source library maintained by Solana.”

That’s super interesting. From the sound of it, the Maintainers must have been targeted to force a malicious Pull Request to be accepted. That article showed some of the code from the commit. I am not a Solana developer but understood enough to know what it was doing and that no maintainer should have approved it willingly.

I wonder if those maintainers will end up having any liability for the hack.

Victims are all SOL, in more ways than one