- Solana confirmed that the addresses affected by today’s security breach were created or used in the Slope wallet.
- The Slope also released an official statement on the situation, noting that it will provide a full autopsy in the future.
- The full details of the attack are still under investigation.
Share this article
Solana and Slope have provided additional information about a security breach that affected several wallets today.
Solana confirms wallet breach
Solana released new details about today’s attack.
Earlier, nearly 8,000 addresses were drained through what was believed to be a breach of third-party wallet app Slope.
This afternoon, Solana Situation confirmed that the addresses affected by the attack “were generated at one point, imported or used in Slope mobile wallet applications”.
It added that the private key information was accidentally transmitted to an app monitoring service. He said further details were “under investigation”.
Although thousands of wallets were compromised, Solana confirmed that the exploit was limited to a single Solana wallet. He added that the Solana protocol itself remains secure.
Additionally, the attack only affected Slope’s downloadable wallet app. Slope hardware wallets are still secure.
Slope also commented about the situation. It said a “cohort” of Slope wallets had been compromised due to the breach and confirmed that its staff’s wallets had been drained.
Slope said it has not confirmed the nature of the attack. “We have some hypotheses as to the nature of the breach, but nothing is firm yet,” Slope said in its official statement. He pledged to publish a full autopsy in the future.
The company also suggested that users take action to secure their money. It advises users to create a new phrase and wallet and transfer their funds to that wallet.
Both companies say they are conducting internal investigations and cooperating with external auditors.
Several other people within the Solana ecosystem provided information and speculated about the attack earlier today.
At least two other projects in the Solana ecosystem have been hacked this year. Cashio was hacked for $28 million in March, while Wormhole was hacked for $322 million in February.
Disclosure: At the time of writing, the author of this piece owned BTC, ETH and other cryptocurrencies.