Solana’s Investigation Indicates Wallet Exploit Tied to Slope Mobile App

Following the Solana wallet attack, the Solana Status team updated its public disclosure, detailing that it was a “Solana wallet” that had been compromised. The team further emphasized that “there is no evidence that the Solana protocol or its cryptography has been compromised.”

Solana Status Report Says Affected Addresses Were at One Point Created in Slope Mobile Wallet Applications

During the past 48 hours, the Solana team has been dealing with an attack in which thousands of Solana-based wallets were compromised. At the time, Anatoly Yakovenko, co-founder and CEO of Solana Labs, believed that the exploit was probably caused by a supply chain attack. He explained that iOS and Android wallets were affected: “Most of the reports are Slope, but there are a few Phantom users,” he stated.

On August 3, 2022, the Solana Status Twitter account explained that the addresses affected by the hack were tied to the Slope mobile wallet application. “After investigation by developers, the ecosystem team, and security auditors, it appears that the affected addresses were created, imported, or used by the Slope mobile wallet application at some point in time,” Solana Status wrote. “This exploit is isolated to a single wallet on Solana and the hardware wallet used by Slope remains secure.” Solana Status said:

The details of exactly how this occurred are still under investigation, but private key information was inadvertently sent to the Application Monitoring Service; there is no evidence that the Solana protocol or its ciphers were compromised.

Slope Finance released an official statement from the wallet team, but details of the breach are vague. Slope stated, “The Slope wallet cohort has been compromised, we have several theories as to the nature of the breach, but nothing has been determined yet (and) we feel the community’s pain and we were not immune. Many of our own staff and founders’ wallets were compromised.” The statement added that Slope is actively conducting internal investigations and audits, working with security and audit groups.

According to security experts, Slope’s seed phrases were recorded in readable plain text

In an official statement, the Slope team further recommended that Slope wallet users “create a new, unique seed phrase wallet and transfer all assets to this new wallet.” Slope further stated that:

If you are using a hardware wallet, your keys have not been compromised.

Data from Dune Analytics shows that more unique addresses were affected by the breach than originally reported. Statistics show that 9,223 unique addresses were affected by the bug and $4,088,121 in crypto was stolen. Most of the hacked assets consisted of Solana (SOL) and SOL-based USDC.

It is said that mnemonic seed phrases transferred to Slope’s servers were recorded in readable text; the Slope wallet team, via the centralized Sentry server, allegedly stored mnemonics in debug logging software. Ottersec’s security expert detailed that “anyone with access to Sentry could access [the user’s] private keys.” Ottersec also stated that the Slope team was “very cooperative in sharing data related to the hack.”
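
The failure described above is secret material reaching an application monitoring service in readable form. As an added example (not code from Slope, Sentry or this article), the Python below scrubs a telemetry event before it leaves the client; the function names, the key-name list and both patterns are assumptions, and the sample event is constructed.

```python
import re

# Assumption: a seed phrase appears as 12 or more lowercase words of 3-8 letters.
# No wordlist is used, so ordinary lowercase sentences of that length are also
# redacted; for telemetry, over-redaction is the safe direction.
MNEMONIC_RE = re.compile(r"\b(?:[a-z]{3,8}\s+){11,}[a-z]{3,8}\b")
# Assumption: any base58 run of 64+ characters may be encoded key material.
BASE58_RE = re.compile(r"\b[1-9A-HJ-NP-Za-km-z]{64,}\b")
# Assumption: field names that should never carry a value off the device.
SENSITIVE_KEYS = ("mnemonic", "seed", "private", "secret", "passphrase")
REDACTED = "[REDACTED]"

# Constructed sample data: 12 placeholder words, not a real wallet phrase.
SAMPLE_PHRASE = ("alpha bravo charlie delta echo foxtrot "
                 "golf hotel india juliet kilo lima")
SAMPLE_EVENT = {
    "message": "Wallet import failed, phrase=" + SAMPLE_PHRASE,
    "extra": {"mnemonic": SAMPLE_PHRASE, "screen": "import_wallet"},
    "breadcrumbs": [{"data": "user tapped import"}],
}

def scrub_text(text):
    """Redact phrase-like and key-like substrings inside free text."""
    text = MNEMONIC_RE.sub(REDACTED, text)
    return BASE58_RE.sub(REDACTED, text)

def scrub_event(value, key=""):
    """Return a scrubbed copy of an event; the input is left unmodified."""
    if any(marker in key.lower() for marker in SENSITIVE_KEYS):
        return REDACTED  # drop the whole value, whatever its type
    if isinstance(value, dict):
        return {k: scrub_event(v, str(k)) for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [scrub_event(v, key) for v in value]
    if isinstance(value, str):
        return scrub_text(value)
    return value

if __name__ == "__main__":
    print(scrub_event(SAMPLE_EVENT))
```

Pattern matching of this kind is a backstop: the primary control is that code handling seed phrases never passes them to logging or error-reporting calls at all.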
