Solana’s Investigation Indicates Wallet Exploit Tied to Slope Mobile App – Altcoins Bitcoin News

Following the Solana Wallet attack, the Solana Status team updated the public and detailed that the wallet addresses affected by the breach were linked to the Slope mobile wallet application. The team further emphasized that “there is no evidence that the Solana protocol or its cryptography was compromised.”

Solana status report says that the affected addresses were created at one point in the Slope mobile wallet application

During the last 48 hours, the Solana team has been dealing with an attack in which thousands of wallets located in Solana were tampered with. At that time, Anatoly Yakovenko, co-founder and CEO of Solana Labs Thinking The exploitation probably stemmed from a supply chain attack. He reported that iOS and Android wallets were affected when he Told: “Most reports are sloppy, but some are Phantom users.”

On 3rd August 2022, solana status The Twitter account reported that the addresses affected in the hack were linked to the Slope mobile wallet application. “After investigation by developers, ecosystem teams and security auditors, it appears that the affected addresses were at one point created, imported or used in the Slope mobile wallet applications,” wrote Solana Status. “This exploit was separate from a wallet on Solana, and the hardware wallet used by Slope remains secure.” solana status Told,

While the details of how this happened are still under investigation, the private key information was inadvertently transmitted to an application monitoring service. There is no evidence that the Solana protocol or its cryptography was compromised.

Slope Finance published an official statement from the Wallet team and details of the breach are unclear. Slope said, “While a group of Slope wallets were compromised in a breach, we have some hypotheses about the nature of the breach, but nothing is definitive yet, [and] We feel the pain of the community, and we were not immune. Many of our own employees and founders had run out of wallets.” Slope also said that the team was actively conducting internal investigations and audits, working with security and audit groups.

Security experts say sloop’s seed phrases were logged in readable plaintext

During the official statement, the Slope team further recommended that Slope Wallet users “create a new and unique seed phrase wallet, and transfer all assets to this new wallet.” Slope Added:

If you are using a hardware wallet, your keys are not compromised.

Data from Dune Analytics shows that there were more specific addresses that were affected by the breach than were initially reported. Statistics show that 9,223 unique addresses were afflicted by the bug and that $4,088,121 in crypto was stolen. Most of the hacked assets were made of Solana (SOL) and SOL-based USDC.

it is being done Told That Slope’s mnemonic seed phrases were transferred to Slope’s servers, logged in readable text. The Slope Wallet team reportedly stored the mementos in debug logging software via a centralized Sentry server. Ottersec. security specialist Detailed that “anyone who has access to the sentry can reach it” [a] user’s private key.” Ottersek also noted that the Slope team was “very helpful in sharing data related to the hack.”

What do you think about the issues with Slope Wallet and the recent exploit affecting Solana users? Tell us your thoughts about this topic in the comment section below.

Jamie Redmayne

Jamie Redmayne is the News Lead at Bitcoin.com News and a financial tech journalist based in Florida. Redmayne has been an active member of the cryptocurrency community since 2011. He has a passion for bitcoin, open-source code, and decentralized applications. Since September 2015, Redmayne has written over 5,700 articles for Bitcoin.com News about the disruptive protocol emerging today.