Giant hack on Solana: the vulnerability identified, the Slope wallet in turmoil

After more than 24 hours of crisis, the dust is finally starting to settle on the Solana network. It is not yet time for a final tally or for settling scores, but the responsibility of one particular non-custodial wallet looks increasingly well established.

SOL against all

It is time to take stock after a handful of agonizing hours for the entire Solana community, and especially for users of hot wallets (hot storage). Wallets were attacked en masse overnight from Tuesday to Wednesday (French time), leaving thousands of victims in the wake of a hack as massive as it was initially incomprehensible.

According to information available on Solscan, more than 10,400 wallets were attacked and siphoned off. The damage is estimated at nearly $5 million, mainly in SOL tokens and USDC stablecoins (details below).

Over the course of yesterday, leads that might make it possible to trace the person responsible for this major hack came to light (some of them particularly creative). Now it is the exploited vulnerability that appears to have been identified.

The carelessness of the Slope wallet singled out

Although the conditional is still called for in cases like this, disbelief is the dominant reaction to the latest information.

The first details came from statements released by the Solana team itself. They indicate that the flaw exploited by the hackers appears to involve the Slope wallet.

Seeing a crypto-asset storage wallet successfully attacked is never good news. But it is the details of this attack that are most puzzling: it appears that the private keys of thousands of users were compromised because, on the one hand, they were transferred to centralized servers and, above all, because Slope passed them on to third parties in a manner that can only be described as “careless”.

An obvious aggravating factor: these strategic data could be exploited on such a scale because, without a shadow of a doubt, they were available “in the clear”. In other words, not encrypted. That is awkward in an industry where cryptography is the alpha and omega of good practice.

Solana's statement following the hack, implicating the Slope wallet

“This exploit has been isolated to a wallet on Solana, and the hardware wallets used by Slope remain secure. The details of exactly how this happened are still being investigated. But private key information was inadvertently passed to an application monitoring service”
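The failure described in the statement above is key material reaching an application monitoring service unredacted. As an added example (not code from Slope, Solana or the original article), here is a client-side scrubber applied to each telemetry event before it is sent; the function and field names, the 64-byte base58 keypair format and the 12-word phrase heuristic are assumptions.

```python
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
REDACTED = "[REDACTED]"
# Assumed field names whose values never leave the device, whatever they hold.
SENSITIVE_KEYS = {"mnemonic", "seed_phrase", "private_key", "secret_key"}
# Base58 runs long enough to hold a 64-byte keypair (assumed export format).
B58_RUN = re.compile("[%s]{80,90}" % B58)
# Twelve or more consecutive short lowercase words are treated as a seed phrase.
PHRASE = re.compile(r"\b(?:[a-z]{3,8} ){11,}[a-z]{3,8}\b")

def b58encode(raw):
    """Base58-encode bytes; used here only to build the constructed samples."""
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58_len(s):
    """Number of bytes a base58 string decodes to."""
    n = 0
    for ch in s:
        n = n * 58 + B58.index(ch)
    return (len(s) - len(s.lstrip("1"))) + (n.bit_length() + 7) // 8

def scrub_text(text):
    """Redact 64-byte base58 keys and seed phrases; 32-byte addresses survive."""
    text = B58_RUN.sub(lambda m: REDACTED if b58_len(m.group()) == 64 else m.group(), text)
    return PHRASE.sub(REDACTED, text)

def scrub(value, key=None):
    """Return a copy of a telemetry event with key material removed."""
    if key is not None and str(key).lower() in SENSITIVE_KEYS:
        return REDACTED
    if isinstance(value, dict):
        return {k: scrub(v, k) for k, v in value.items()}
    if isinstance(value, list):
        return [scrub(v) for v in value]
    return scrub_text(value) if isinstance(value, str) else value

# Constructed sample data: not a real key, address or seed phrase.
SAMPLE_KEY = b58encode(bytes(range(1, 65)))
SAMPLE_ADDR = b58encode(bytes(range(1, 33)))
SAMPLE_WORDS = "abandon ability able about above absent absorb abstract absurd abuse access accident"
SAMPLE_EVENT = {
    "message": "import failed for key " + SAMPLE_KEY,
    "extra": {"address": SAMPLE_ADDR, "mnemonic": "anything at all",
              "breadcrumbs": ["restore: " + SAMPLE_WORDS]},
}
```

Pattern-based redaction is a backstop: the stronger control is never placing key material in log messages, breadcrumbs or error context in the first place.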

Once again, however, caution is in order: the post-mortem investigations are still in progress and the situation is changing from hour to hour.

What is certain, however, is that the use of Slope's services is the common denominator of this large-scale hack. Indeed, although users of the Phantom wallet were also affected, it appears that the victims had systematically created their wallet on Slope before eventually migrating to its competitor (while keeping the same private key). Use of the mobile version of Slope also seems to have been one of the vulnerability criteria.

Slope posted a status update a few hours ago, indicating that they are aware of the situation (some of the founders' and team members' wallets were themselves affected by the hack) and are working towards a quick resolution.

Solana's team, for its part, insisted (rather legitimately) that the network itself had not been compromised at any time, pointing out that this incident was the direct consequence of a lack of security on the part of a third party. In the meantime, users of Slope's solutions are advised to take the time to create a new storage wallet and migrate their assets to it. If necessary, find the Phantom installation tutorial here.
