Solana hack: No Network Breach but Slope Wallets compromised

Lavina Daryanani
Source: Business Today

A day ago, Solana addresses fell victim to an extensive attack. The private keys of several wallets were compromised. As a result, users’ funds were allegedly removed without their authorization, and millions worth of SOL, SPL, and other tokens were drained.


Is Slope to blame for the Solana hack?

A few hours ago, Solana Status, the official Twitter handle providing status updates for the Solana network, revealed that, per its investigation, the victimized addresses were “at one point created, imported, or used in Slope mobile wallet applications.”

What exactly caused the hack remains unknown. However, per the latest update,

“This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure. Private key information was inadvertently transmitted to an application monitoring service.”

Solana Status further went on to assert that the network was not compromised. Its tweet read,

“There is no evidence the Solana protocol or its cryptography was compromised.”

This suggests that the seed phrases that Slope accessed might have exposed wallets to hackers. Phantom went on to assert that it has reason to believe that complications with importing accounts to and from Slope wallets might have caused Phantom wallets to be compromised.

What Slope Finance has to say

On its part, Slope Finance released an official statement a few hours back acknowledging the hack. It went on to reveal that it had “some hypotheses” w.r.t. the nature of the breach but wasn’t yet “firm” about it. It also highlighted that “many” of their own staff and founders’ wallets were drained.

Regarding the actions it was undertaking, Slope Finance said that it’s actively conducting internal investigations and audits, and simultaneously working with top external security and audit groups. Alongside, they’re also working with developers, security experts, and protocols from the ecosystem to “work to identify and rectify.”

Achilles’ heel

Yearn Finance contributor Adam Cochran took to Twitter to bring the weak points to light. After having spoken to a user who was hacked on both Solana and Ethereum, he highlighted that the said victim was an iOS user, and the compromised wallets were Slope and TrustWallet. He further contended,

“This is looking more like it could be a compromised mobile library or badly stored keys on certain apps.”

There were other parallel assertions suggesting that it was likely an “iOS supply chain hack.” That said, it doesn’t mean that Android users remained completely immune and weren’t affected. One of Solana Labs’ co-founders took to Twitter to claim:

Stalwarts have been warning the community to take required precautionary actions. Binance’s CZ, for instance, asked users to move their funds from Slope wallets to a different wallet ASAP. He further encouraged them to use a new private key or a seed phrase instead of importing the old one.

On that note, even Slope Finance’s word of caution ran along the same lines. Via its statement, it encouraged users to,

“Create a new and unique seed phrase wallet, and transfer all assets to this new wallet. Again, we do not recommend using the same seed phrase on this new wallet that you had on Slope.”
