A private key exploits linked to the Slope mobile wallet app is the source of the multimillion-dollar Solana Wallet hack.
Solana Indicates Slope Wallet For Attack
Private key details were inadvertently relocated to a third party on the Slope Finance network, according to investigations into the large-scale exploit that targeted the Solana Wallet. This caused a vulnerability in the Solana network, resulting in the loss of approximately $4.5 million in SOL and other cryptos from approximately 8000 Solana wallets. The exploit began on Tuesday night and lasted until Wednesday morning, prompting a team of developers and security auditors to launch preliminary investigations.
The results were shared on Twitter: According to an investigation by developers, ecosystem teams, and security auditors, affected addresses were created, imported, or used in Slope mobile wallet applications at some point. This exploit was limited to one wallet on Solana, and Slope’s hardware wallets remain secure. While the specifics of how this happened are still being investigated, private key information was inadvertently transferred to an application monitoring service.
The Solana protocol and its cryptography, according to the team, were not jeopardized. Furthermore, users are directed to switch to hardware wallets to keep funds secure, as these have proven to be immune to the hack.
The slope continues to investigate
The Slope team has acknowledged that Slope wallets were included in the hack and claims to be investigating the matter. The team has issued a statement, but it does not go into great detail about the hack and does not accept responsibility for the attacks.
According to Slope’s statement: We have some theories about the nature of the breach, but nothing is firm yet. We feel the pain of the community, and we are not immune. Many of our own employees’ and founders’ wallets were depleted. We are still actively diagnosing and committed to publishing a full postmortem report, regaining your trust, and making this right.
Users should also create a new wallet with a new seed phrase and transfer all of their funds, according to the team.
Phantom Wallet Holders Are Also Affected
Phantom, like Solana and Slope, has been affected by the hack. Several wallet holders, for instance, who had previously interacted with a Slope wallet had their Phantom wallets fully depleted of SOL and other tokens. The Phantom team stated that the exploits were caused by issues with importing accounts to and from Slope.
Source link