Developers Uncover Vulnerability Likely Tied To Multi-Million Solana Hack
KEY POINTS
- Thousands of Solana hot wallets were drained of funds due to a hack
- The hack took place Tuesday
- SOL was trading up 1.24% at $39.05
Solana developers discovered the culprit behind the multi-million hack that started Tuesday and so far, they are pointing the blame on the Slope Finance mobile wallet app.
Solana (SOL), the public blockchain with smart contract functionality, made headlines after it trended on Twitter on Tuesday. Multiple users reported losing their funds while others posted the hack as it happened. Several others advised consumers with Solana-based wallets to move their funds immediately.
The hack drained nearly 8,000 Solana-based hot wallets of funds, which between Tuesday and early morning Wednesday amounted to approximately $4.5 million. Experts immediately looked into the blockchain's protocol and cryptography to check if they were compromised, but the developers' initial assessment pointed to the Slope Finance mobile wallet app.
As the dust settled, crucial details came to light on the origin of the exploit, which proved the initial assessment accurate. Solana released an official statement Wednesday afternoon on its Twitter account, containing preliminary findings of security auditors and developers and noting that addresses affected by the hack "were at one point created, imported, or used in Slope mobile wallet applications."
Later that day, Slope released an official statement regarding the large-scale hack, revealing that "a cohort of Slope wallets were compromised in the breach." According to the Web3 wallet provider, it has "some hypotheses as to the nature of the breach, but nothing is yet firm."
Slope also provided an update on the steps it is taking to safeguard its users' interests, including "actively conducting internal investigations and audits, working with top external security and audit groups" and "working with developers, security experts, and protocols from throughout the ecosystem to work to identify and rectify."
The team also advised users to "create a new and unique seed phrase wallet, and transfer all assets to this new wallet." Slope also discouraged users from using the same seed phrase on the newly–created wallet.
Getting hacked is a tragic and devastating experience, but the only thing worth noting in this latest mayhem is that it was not a seed generation issue or the blockchain itself getting compromised. If it were, the hack would have a catastrophic impact not only on Solana but on the entire cryptocurrency ecosystem.
As of 2:57 a.m ET Thursday, SOL was trading up 1.24% at $39.05 with a 24-hour volume of $1,694,909,735, according to the latest data from CoinMarketCap.
© Copyright IBTimes 2024. All rights reserved.