As the dust settles from yesterday’s ລະບົບນິເວດ Solana mayhem, data is surfacing that wallet provider Slope is largely responsible for the security exploit that stole crypto from thousands of Solana users.
Slope is a Web3 wallet provider for the Solana layer-1 (L1) blockchain. Through the Solana Status Twitter account on Wednesday, the Solana Foundation pointed the finger at Slope, stating that “it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications.”
ຫຼັງຈາກການສືບສວນໂດຍຜູ້ພັດທະນາ, ທີມງານລະບົບນິເວດ, ແລະຜູ້ກວດສອບຄວາມປອດໄພ, ມັນປະກົດວ່າທີ່ຢູ່ທີ່ຖືກກະທົບໄດ້ຖືກສ້າງຂື້ນ, ນໍາເຂົ້າ, ຫຼືໃຊ້ໃນແອັບພລິເຄຊັນ Slope mobile wallet. 1/2
- ສະຖານະຂອງ Solana (@SolanaStatus) ສິງຫາ 3, 2022
Solana co-founder Anatoly Yakovenko also linked Slope wallets to the hack in his own personal Twitter account. He advised users to ຟື້ນຕົວຄືນ a seed phrase from a service other than Slope as soon as they can. He also told an affected user to “Start practicing the cold/hot wallet separation.”
Attacker is lazy at driving all the paths. A bunch of phantom users only saw their slope addresses get drained. I would advise anyone that touched slope to regenerate their seed phrase in a different wallet asap.
— SMS aey.sol, (@aeyakovenko) ສິງຫາ 3, 2022
The Solana-based wallet exploits first surfaced on Tuesday after the community began reporting that their crypto wallets were being drained of their Solana (SOL) and other tokens. It is ຄາດຄະເນ that roughly $8 million in crypto was stolen from nearly 8,000 wallets.
Through its investigation, the Solana Foundation determined that the private keys for each of the wallets compromised in the exploit were “inadvertently transmitted to an application monitoring service” such as Slope.
It added that there was no evidence to suggest the Solana protocol or its cryptography was at risk from the attack.
Some reports abound that Slope may have ເຂົ້າສູ່ລະບົບ user seed phrases on its centralized servers. The servers could have been compromised and leaked seed phrases, which a hacker could use to execute transactions.
Earlier reports of the attack on the day said that users of Slope and Phantom hot wallets were being ເປົ້າຫມາຍ, leading many to believe there could be a broader issue with the Solana protocol. However, a further analysis shared by Solana’s head of communications Austin Fedora ພົບເຫັນ that the problem was isolated to just hot wallets.
Fedora said that while 60% of the victims of the attack were Phantom users, those affected did not generate their seed phrase using Phantom.
We spun up a Typeform to collect data and the results were clear – of those drained ~60% were Phantom users and 40% Slope users. But after extensive interviews and requests to the community, we couldn’t find a single Phantom-forever user who had their wallet drained
— Austin Federa | sms (@Austin_Federa) ສິງຫາ 3, 2022
Slope issued a statement ການແກ້ໄຂ the status of its ongoing investigation into the incident on Wednesday, confirming that “A cohort of Slope wallets were compromised in the breach,” including some belonging to its own staff.
ທີ່ກ່ຽວຂ້ອງ: GitHub ປະເຊີນກັບການໂຈມຕີ malware ຢ່າງກວ້າງຂວາງທີ່ມີຜົນກະທົບຕໍ່ໂຄງການ, ລວມທັງ crypto
The team urged users of Slope wallets to generate a new unique seed phrase and transfer all funds to it rather than keeping any funds on old wallets which could still be exploited later on. The Phantom team stepped up the warning by ໃຫ້ ຄຳ ແນະ ນຳ users to move their assets to a new non-Slope wallet.
Source: https://cointelegraph.com/news/slope-wallets-blamed-for-solana-based-wallet-attack