Solana Hack Blamed on Slope Mobile Wallet Exploit (decrypt.co) 11

Posted by msmash on Thursday August 04, 2022 @01:03PM from the security-woes dept.

Thousands of Solana users collectively lost about $4.5 million worth of SOL and other tokens from Tuesday night into early Wednesday, and now there's a likely explanation for why: it's being blamed on a private key exploit tied to mobile software wallet Slope. From a report: On Wednesday afternoon, the official Solana Status Twitter account shared preliminary findings through collaboration between developers and security auditors, and said that "it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications."

"This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure," the thread continues. "While the details of exactly how this occurred are still under investigation, but private key information was inadvertently transmitted to an application monitoring service." "There is no evidence the Solana protocol or its cryptography was compromised," the account added. Some Phantom wallets were also drained of their SOL and tokens in the attack, however it appears that those wallets' holders had previously interacted with a Slope wallet. "Phantom has reason to believe that the reported exploits are due to complications related to importing accounts to and from Slope," the Phantom team tweeted today.

Solana Hack Blamed on Slope Mobile Wallet Exploit

This discussion has been archived. No new comments can be posted.

Load All Comments

Search 11 Comments Log In/Create an Account

Comments Filter:

Huh? "Hack"? (Score:2)

by Lisandro ( 799651 ) writes:

I guess "code is law" doesn't apply anymore, huh.
Comment removed (Score:5, Funny)

by account_deleted ( 4530225 ) writes: on Thursday August 04, 2022 @01:09PM (#62762456)

Comment removed based on user account deletion

ProTip: Don't send seed phrases in plaintext (Score:2)

by Felix Baum ( 6314928 ) writes:

Wow. Details here https://mobile.twitter.com/moo... [twitter.com] Seed phrases transmitted to one of their api endpoints
- Re: (Score:3)
  
  by Lisandro ( 799651 ) writes:
  
  Absolutely everything related to cryptocurrencies and "DeFi" is a security nightmare. No wonder we get a story about funds being drained per week.
  - Re: (Score:2)
    
    by account_deleted ( 4530225 ) writes:
    
    Comment removed based on user account deletion
I guess the customers are... (Score:5, Funny)

by gosso920 ( 6330142 ) writes: on Thursday August 04, 2022 @01:18PM (#62762490)

... SOL (Shit Out of Luck).

Just another day in cryptoland (Score:1)

by RUs1729 ( 10049396 ) writes:

Either they scam you, or else hackers get your funds. Are you feeling lucky today, punk?
Solena, slope (Score:1, Interesting)

by Iamthecheese ( 1264298 ) writes:

I'm not going to learn the names of a hundred fly-by-night cryptowazits. And I'm reallynot going to pretend they're something I should know the names of, or which sudokus they use, or how they network. So in my book yet another one going bust or getting stolen from or turning out to be a scam isn't news, it's Thursday. Editors, if you must post these stories please include information about what the coin app of the minute is and why it's important.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Solana Hack Blamed on Slope Mobile Wallet Exploit (decrypt.co) 11

Solana Hack Blamed on Slope Mobile Wallet Exploit More Login

Solana Hack Blamed on Slope Mobile Wallet Exploit

Huh? "Hack"? (Score:2)

Comment removed (Score:5, Funny)

ProTip: Don't send seed phrases in plaintext (Score:2)

Re: (Score:3)

Re: (Score:2)

I guess the customers are... (Score:5, Funny)

Just another day in cryptoland (Score:1)

Solena, slope (Score:1, Interesting)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot