Solana was the victim of a $6 million robbery that drained over 8,000 wallets in the early hours of August 3rd. The exploit occurred the day after the Nomad cross-chain bridge lost $190 million in another hack.
After some investigation, however, there was an update on the Solana hack. According to the developers of the Solana blockchain, the exploit resulted from the negligence of the web3 wallet provider Slope.
After investigation by developers, ecosystem teams, and security auditors, it appears that the affected addresses were created, imported, or used in Slope mobile wallet applications. 1/2
— Solana Status (@SolanaStatus) August 3, 2022
Why the “Slope-ry Area”
According to the statement, Solana’s ecosystem was not to blame for the loss. The Solana Foundation specifically pointed to Slope because most of the affected wallets were linked to it.
In its response, the Slope team also admitted that many of its wallets had been drained in the hack. Likewise, Phantom wallet, some of whose users were affected by the hack, confirmed Solana’s findings.
Based on the findings, the Solana Foundation noted that Slope wallets may have hosted users’ private keys on centralized servers. Additionally, reports from other sources indicated that hackers could have gained access to users’ wallets.
Hot wallets only
In a related development, Solana CEO Anatoly Yakovenko had earlier linked the exploit to a supply chain issue. However, in a subsequent update, its chief communications officer, Austin Federa, revealed that this was not the case.
In his tweet, Federa said:
“It appeared to impact desktop wallets, mobile wallets, active degens wallets and wallets that had only received one transaction. If it was a supply chain attack that hit all those users, that would be very scary for the entire web3.”
Additionally, he suggested that users who still had assets in their Slope wallet could move them to a secure hardware wallet.
At press time, Solana confirmed that investigations are continuing to identify the perpetrators.
But what about Nomad?
As for the Nomad exploit, there has been some progress. Earlier, the hackers returned about $9 million to the bridge.
#PeckShieldAlert PeckShield identified ~$9 million has returned @nomadxyz_ Refund address including 100 $ETH (~$164k) from address named ENS bitliq.eth, ~3.78m $USDC, ~2m $USDT, ~15.8m $CQT (~$1.38M), ~1.2M $FRAX (~$1.2M), 200 $WETH (~328k), ~150k $DAI etc. pic.twitter.com/Bpyjt7jnek
— PeckShieldAlert (@PeckShieldAlert) August 3, 2022
They then followed it up with another $3.8 million in USDC, ETH, and USDT, especially after Nomad publicly asked for a refund. However, it appears that the Nomad hackers may not send back all the extracted funds.
According to blockchain security firm PeckShield, hackers are laundering some of the funds by moving them from wallet to wallet.
.@RariCapital exploiters transferred ~2 $ETH at 0x72ccbb and 0x76f455 (1 $ETH/address) used to pay gas fees for transactions related to @nomadxyz_ exploit, @RariCapital The exploiters (Arbitrum) earned ~$3 million, 0x72ccbb and 0x76f45555 earned ~$2 million on the exploit. pic.twitter.com/aOpeACWHq4
— PeckShieldAlert (@PeckShieldAlert) August 4, 2022