The Solana team's investigation into the hack of thousands of cryptocurrency wallets revealed that the affected addresses were «at some point created, imported, or used in Slope's mobile apps» ;.
After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications. 1/2
— Solana Status (@SolanaStatus) August 3, 2022
Prior to this, Solana developers reported that the hack was not caused by a bug in the underlying blockchain code, but was due to software used by «several popular wallets».
Solana Labs co-founder Anatoly Yakovenko wrote that each anyone who has ever imported a seed into Slope may consider it compromised.
If you have ever imported a seed phrase into slope, consider it compromized. Move all the assets to a new non slope wallet. Even if the attack didn't claim those tokens yet, the phrase is leaked. Just a matter of time https://t.co/pCBx8jRwcO
— SMS aey.sol, 🇺🇸 (@aeyakovenko) August 3, 2022
Slope said in a statement that a number of project wallets have been compromised and the team is actively investigating the incident. The «developers have several hypotheses», but they did not name the specific reason for the hack.
See below for our official statement on the breach situation (now posted to our Medium).
We empathize with everyone affected, and are doing our best to solve and rectify the situation.https://t.co/E9xrKbdLOy
— Slope (@slope_finance) August 3, 2022
Slope encouraged all users to create new wallets with other seed phrases and transfer their assets to them.
Representatives of the Phantom project, whose clients were also affected by the hack, said that they «have reason to believe» that the discovered exploit is related to Slope. They advised users to transfer assets to new wallets of other providers.
1/ Phantom has reason to believe that the reported exploits are due to complications related to importing accounts to and from @slope_finance.
We are still actively working to identify whether there may have been other vulnerabilities that contributed to this incident. https://t.co/W5B19gbMJX
— Phantom (@phantom) August 3, 2022
Some experts note that Slope could store user seed phrases on its centralized servers, which were later compromised by attackers.
Correction – the Slope wallet did not send seed phrases to external partners, but may have logged them on their own centralized servers. Apologies for getting a bit ahead of myself, postmortem still in progress. Wait for an announcement from the team for true confirmation.
— foobar (@0xfoobar) August 3, 2022
A representative from Slope told CoinDesk that the team does «storage no personal data on a centralized server.” However, he later said that this statement was incorrect.
The investigation is ongoing, Solana emphasized.
Recall that in early August, unknown persons gained access to the funds of the owners of about 8,000 Solana-based wallets and withdrew millions of dollars.
Read ForkLog bitcoin news in our Telegram — cryptocurrency news, rates and analytics.