Search Inside Bitcoins

Solana provides an update on Slope’s exploitation.

Don’t invest unless prepared to lose all the money you invest. This is a high-risk investment, you shouldn’t expect to be protected if something goes wrong.

Slope wallet provider linked to hack on Solana-based wallets
Slope wallet provider linked to hack on Solana-based wallets

Join Our Telegram channel to stay up to date on breaking news coverage

Solana, a fast-growing decentralized blockchain, has provided an update on the recent exploitation of Slope Finance, a community-based decentralized exchange. The blockchain protocol gave the update in a blog post relayed on its official handle. According to Solana, its investigation discovered that the affected wallets were exploited and drained through their private keys.

Recall that Slope Finance is a protocol built on the Solana ecosystem. Recently, it endured unprecedented exploitation, leading to the draining of over 9,000 wallets. Notably, the attack lasted about 4 hours and consequently led to the loss of $4.1 million in assets. Shortly after the news of the exploitation dominated the airspace, speculators began to suggest that Solana must have been affected by the exploitation of one of its projects, Slope. The speculation arose tension among users, forcing the protocol to commence investigations into the issue.

Solana, after investigation, has now refuted claims that its network was affected by the exploitation. It claimed that the attack never unfolded as a “protocol-level vulnerability.” According to the protocol, this proves that no core code related to Solana Labs, the Solana Foundation, was involved in the exploitation.

Additionally, the update shows that the exploiters attacked for over four hours. According to Solana, the investigation into the saga illustrated that the affected addresses were initially initiated or utilized in Slope wallet apps via iOS and Android devices. It further states that Slope shared the private keys of those addresses with a monitoring app. 

According to on-chain transactions, these keys were leaked and compromised to sign malicious transactions. However, as of press time, more investigations are still ongoing to ascertain how the attacker secured access to the private keys of the affected wallets.

The blockchain protocol noted that the exploitation was isolated to a wallet service provider, supporting Ethereum and Solana addresses. It added that only Ethereum or Solana users who reused seed phrases generated or stored within Slope became victims. According to Solana, “this is not currently believed to be an issue directly related to any specific wallet implementations other than Slope’s.”

However, users who have done this are admonished to generate a new seed phrase in another wallet app. Afterward, they are expected to migrate all their assets to the new wallet and abandon the compromised one. Additionally, the protocol warns them again reusing any wallets gotten from seed phrases initially used with Slope apps.

Notably, Solana insisted that hardware wallets were not affected by the hack. Additionally, the blockchain protocol said wallets generated through seed phrases without any importation records to Slope were not affected.

Solana, however, expresses readiness to work with Slope Finance, security experts, and protocols to ascertain the full extent of the attack. As revealed, the Slope Finance team will, in the future, update the public on the post-mortem of the hack.

Related

Join Our Telegram channel to stay up to date on breaking news coverage

Read next