A Solana mobile wallet is being blamed for a major attack on the network, and it's possible that private keys were accidentally compromised. The Slope mobile wallet app is suspected to be responsible for the large-scale Solana wallet hack that began Tuesday night.
Solana developers believe that the private key information for affected wallets was “inadvertently transmitted” to a third party.
The collective loss of $4.5 million in SOL tokens by thousands of Solana users from Tuesday night to Wednesday morning is being blamed on a private key exploit that was tied to the mobile software wallet Slope.
On Wednesday afternoon, the Solana Status Twitter account shared preliminary results from a collaboration between developers and security auditors, stating that “it appears that affected addresses were at some point created, imported or used in Slope Mobile wallet applications.”
The thread states that the exploit was limited to Solana’s wallet, while hardware wallets used with Slope remain secure. While the exact cause of the incident is still being investigated, private key information was accidentally transmitted to an application monitoring company.
The account stated that there is no evidence that the Solana protocol or its cryptography was compromised.
See below for our official statement on the breach situation (now posted to our Medium). We empathize with everyone affected, and are doing our best to solve and rectify the situation. https://t.co/E9xrKbdLOy — Slope (@slope_finance) August 3, 2022
Some Phantom wallets were also drained of their SOL and other tokens. However, it seems that those wallet holders were previously connected with a Slope wallet. “Phantom believes that the reported exploits were due to complications regarding importing accounts from and to Slope,” the Phantom Team tweeted today.
Slope issued its own statement shortly before the Solana Status thread. Although it acknowledges that Slope wallets were hacked, it does not go into specifics or take responsibility.
It reads, “We have some hypotheses about the nature of breach, but it is not yet clear. We feel the pain of the community, and we weren’t immune. Many of our founders and staff were left with empty pockets.”
“We are still actively diagnosing and are committed to publishing the full postmortem and earning back your trust and making this as right and as accurate as possible,” Slope’s team wrote.
According to blockchain explorer Solscan, it has been over five hours since any of the four attacker wallets took cryptocurrency or tokens out of any vulnerable wallet. The attackers stole approximately $4.46 million of crypto from what the Solana Status account said were around 8,000 unique wallets.
The attack began on Tuesday night. Many Solana users and platforms suspected that smart contracts were being used to exploit wallets, but the transactions were signed by the wallets themselves, indicating compromised private keys.
Slope suggests that users create a new wallet and a new seed phrase, then transfer funds to it. Hardware wallets were not affected by the hack and can be used to protect assets during the ongoing exploit.