Slope Wallets Blamed for $6 Million Solana Hack
Following the recent news that more than 9,000 hot wallets holding Solana cryptocurrency (SOL) were compromised, the developers of this particular blockchain are now saying the Slope wallets are actually to blame.
Numerous Solana users started to notice that their hot wallets had been compromised. Some $6 million worth of tokens have been stolen so far from the wallets. Affected users had hot wallets and seem to be primarily mobile users.
Hot wallets are always online, and the keys are stored in a centralized solution. While this gives users instant access to their funds, it also opens up several security issues. Initially, Solana developers said nothing about the breach, but after some investigating, they stated that the Solana blockchain was not to blame.
“After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications,” said the Solana devs on Twitter.
“This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure. While the details of exactly how this occurred are still under investigation, but private key information was inadvertently transmitted to an application monitoring service. There is no evidence the Solana protocol or its cryptography was compromised,” they added.
Several developers on Twitter accused Slone of storing encryption keys in plain text on a centralized server, but Slope denied it. The wallet devs also issued a statement admitting that the attack had affected a “cohort” of wallets. They have yet to confirm the true nature of the breach.
Slope advised its users to create a new and unique seed phrase wallet and transfer all assets to this new wallet. Reusing the exact seed phrase is not advisable. Owners of hardware wallets remain safe.
What is medical identity theft and how to protect against it
July 27, 2022
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021
June 22, 2022
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data
May 24, 2022