- A bug in Slope wallets is believed to be behind the recent theft from Solana wallets.
- Nearly $6 million was stolen from 9,000 addresses.
- Teams are still continuing their investigation and will publish a full report later.
The recent attack on Solana wallets that saw 9,000 addresses drained of nearly $6 million has been attributed to compromised private keys on Slope mobile wallet applications. An initial investigation by the teams says that the private key details of the compromised wallets were inadvertently transferred to a third party.
After developers, ecosystem teams, and security auditors began investigating the attack, they noticed that the affected addresses were at one point created, imported, or used in Slope mobile wallet applications. They also noticed that the exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.
While Slope continues its investigation, it has asked all Slope users to create a new and unique seed phrase wallet and transfer all their assets there. Hardware users remain safe and do have to worry about their keys. The team will publish a full post-mortem later.
Four attackers have been identified, attacking about 9,000 unique wallets. So far, all those investigating have said that there does not appear to be a bug within the Solana code. It is the software used by popular wallet providers that appear to have been vulnerable.
Solana Labs co-founder Anatoly Yakovenko said that the attack seemed like “an iOS supply chain attack,” though he later noted that Android users seemed to be affected as well. He also concluded that it was likely a bug specific to Slope.
Hacks Continue in Crypto Space
There has been no shortage of hacks in the crypto market in 2022, and the number of incidents being reported seems to be increasing by the day. A SlowMist report that was published recently said that crypto hacks have stolen over $1 billion from DeFi alone in 2022.
Digital artist Beeple’s Twitter account was also hacked recently, with hackers managing to steal $400,000 worth of crypto funds by posting phishing links. Phishing has become a popular means of attack among bad actors this year.
Some of these attacks have been attributed to the North Korea-linked Lazarus Group. This group is believed to have been behind the $100 million Harmony Protocol Horizon Bridge hack, among many other such hacks.