Slope Offers Bounty to Solana Wallet Hackers, Threatens Legal Action

Slope Wallet has announced a 10% reward and no legal action will be taken if the hackers refund the Solana wallets taken earlier this week.

In the Twitter announcement, wallet provider Solana included a designated wallet address where the hackers will have to return 90% of the funds.

He also gave an ultimatum of 48 hours starting at 8:30 p.m. UTC on August 5, 2022. In addition, the wallet provider promised not to proceed with its investigations or take legal action if it receives the funds within the period.

In addition, the Slope Finance team claimed to have hired leading blockchain intelligence firm TRM Labs and is cooperating with law enforcement agencies. But its main priority remains the safe return of users’ funds.

However, the chances of hackers taking over the deal are slim. As one user pointed out, “encryption provides anonymity with the ability to launder assets indefinitely.” So the hacker’s identity can remain a secret unless he gets sloppy.

Slope was one of the major Solana wallets affected by the recent breach. Other wallets that have been hacked include Phantom, Solflare and TrustWallet.

Slope advises users to create new wallets

Meanwhile, the Slope Finance team has advised all users to create new wallets with new phrases and move their assets there. He added that users should not use the same phrase for the new wallet.

Many in the cryptocurrency community have criticized this practice of storing users’ passphrases, since wallets are not supposed to be custodians.

In the official statement shared shortly after the attack, the wallet provider said that “many of our staff and founders’ wallets were depleted” and is working to “identify and fix.”

Solana wallet breach detected on Slope

According to available information, over 8000 Solana wallets lost their funds to the attack, with over $4 million drained from Slope Wallets alone.

Although the root cause of the attack was not quickly discovered, the blockchain network traced the attack to a Slope wallet.

Blockchain security firm OtterSec discovered that the hacker had access to the central Slope Sentry server, where all users’ keyphrases were stored in plain text.