The Solana ecosystem suffered a major attack on August 3. It has now emerged that the security exploit that stole cryptocurrencies from thousands of Solana wallets stemmed from the Slope wallet provider.
Slope linked to Solana wallet hack
This is a Web3 wallet provider on the Solana layer one blockchain. The Twitter account of Solana Status said that Slope was to blame for the exploit, adding that the compromised addresses “were at one point created, imported, or used in Slope mobile wallet applications.”
The co-founder of Solana, Anatoly Yakovenko, agreed that the wallets were linked to the attack. In a Twitter post, Yakovenko urged users to regenerate a seed phrase on another service besides Slope as soon as possible. He also advised users to learn how to separate cold and hot wallets.
Your capital is at risk.
The crypto community reported the exploits on wallets on Tuesday, with users complaining that they had lost Solana and other cryptocurrencies. Around $8 million worth of crypto was stolen from an estimated 8000 wallets.
An investigation from the Solana Foundation said that the private keys for each of the compromised wallets were transmitted to an application monitoring service like the wallet. It further noted that there was no sign of the Solana protocol being at risk of the attack.
Other reports said Slope could have logged user seed phrases to its centralized servers. If these servers were compromised, the seed phrase could have been leaked, and the hacker could have executed the transactions.
The early reports of this attack said that users of the Slope and Phantom hot wallets were targets of the exploit, with many believing that there was a major issue with the Solana blockchain. A report by the Solana head of communications, Austin Fedora, said that the problem was exclusive to hot wallets.
Fedora also admitted that 60% of the victims of the attack were users of the Phantom wallet. However, these users had not generated their seed phrase through Phantom.
Slope admits to the vulnerability
Slope issued a statement on these allegations saying that several Slope wallets were affected by the breach, including some wallets belonging to its staff. The team also urged Slope wallet users to generate a unique seed phrase and transfer all the funds instead of keeping them on old wallets that could be exploited afterward. Phantom has also urged its users to transfer their wallets to a non-Slope wallet.
Battle Infinity – New Crypto Presale
- Presale Until October 2022 – 16500 BNB Hard Cap
- First Fantasy Sports Metaverse Game
- Play to Earn Utility – IBAT Token
- Powered By Unreal Engine
- CoinSniper Verified, Solid Proof Audited
- Roadmap & Whitepaper at battleinfinity.io