
Following the Solana wallet attack, the Solana Status team updated the public and detailed that the wallet addresses affected by the breach were tied to Slope mobile wallet applications. The team further stressed that “there is no evidence the Solana protocol or its cryptography was compromised.”
Solana Status report says the affected addresses were at one point created in the Slope mobile wallet application
During the last 48 hours, the Solana team has been dealing with an attack in which thousands of Solana wallets were tampered with. At that time, Anatoly Yakovenko, co-founder and CEO of Solana Labs, thought the exploitation probably stemmed from a supply chain attack. He reported that iOS and Android wallets were affected when he said: “Most reports are Slope, but some are Phantom users.”
On August 3, 2022, the Solana Status Twitter account explained that the addresses affected in the hack were tied to Slope mobile wallet applications. “After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications,” Solana Status wrote. “This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.” Solana Status said:
While the details of how this happened are still under investigation, the private key information was inadvertently transmitted to an application monitoring service. There is no evidence that the Solana protocol or its cryptography was compromised.
Slope Finance published an official statement from the wallet team, but details of the breach are vague. Slope said, “A cohort of Slope wallets were compromised in the breach, we have some hypotheses as to the nature of the breach, but nothing is yet firm, [and] we feel the community’s pain, and we were not immune. Many of our own staff and founders’ wallets were drained.” Slope also added that the team was actively conducting internal investigations and audits, while working with security and audit groups.
Security experts say Slope’s seed phrases were logged in readable plaintext
In the official statement, the Slope team further recommended that Slope Wallet users “create a new and unique seed phrase wallet, and transfer all assets to this new wallet.” Slope added:
If you are using a hardware wallet, your keys have not been compromised.
Data from Dune Analytics shows that more addresses were affected by the breach than were initially reported. Statistics show that 9,223 unique addresses were affected by the bug and that $4,088,121 in crypto was stolen. Most of the stolen assets consisted of Solana (SOL) and SOL-based USDC.
Reportedly, Slope’s mnemonic seed phrases transferred to Slope’s server were logged in readable text. The Slope wallet team allegedly stored the mnemonics in debug logging software via a centralized Sentry server. Security experts at Ottersec detailed that “anybody with access to Sentry could access [a] user’s private keys.” Ottersec also noted that the Slope team was “very helpful in sharing data related to the hack.”
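The failure described above, seed phrases reaching a monitoring service in readable form, is the kind of leak a client-side scrubbing hook is meant to stop. The following is an added example, not code from Slope, Sentry or the original article: the key names, the `scrub` helper and the sample event are assumptions, and the phrase detection is a heuristic based on BIP-39 English words being 3 to 8 lowercase letters in phrases of 12 to 24 words.

```python
import re

# Key names whose values must never leave the device (assumed list for this example).
SENSITIVE_KEYS = {"mnemonic", "seed", "seed_phrase", "private_key", "secret_key"}

# Heuristic: a run of 12 or more lowercase words of 3-8 letters looks like a seed phrase.
WORD_RUN = re.compile(r"\b[a-z]{3,8}(?:[ \t]+[a-z]{3,8}){11,}\b")

REDACTED = "[redacted]"


def scrub(value, key=None):
    """Return a copy of value with likely secrets replaced, recursing into containers."""
    if key is not None and str(key).lower() in SENSITIVE_KEYS:
        return REDACTED  # drop the whole value, whatever its type
    if isinstance(value, dict):
        return {k: scrub(v, k) for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [scrub(v) for v in value]
    if isinstance(value, str):
        return WORD_RUN.sub(REDACTED, value)  # catches phrases embedded in messages
    return value


def before_send(event, hint=None):
    """Same shape as a Sentry SDK before_send callback: return the event to transmit."""
    return scrub(event)


# Constructed sample: twelve arbitrary words, not a real wallet phrase.
FAKE_PHRASE = "lamp river stone cloud paper green table music ocean tiger pencil window"
SAMPLE_EVENT = {
    "message": "wallet import failed for phrase: " + FAKE_PHRASE,
    "extra": {"mnemonic": FAKE_PHRASE, "screen": "import"},
    "breadcrumbs": [{"message": "user tapped import"}],
}

if __name__ == "__main__":
    print(before_send(SAMPLE_EVENT))
```

A hook like this is a backstop: the stronger control is never passing key material to logging or telemetry calls in the first place, since a heuristic can miss phrases in other languages or encodings.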