Solana and Slope Confirm Wallet Security Breach

Key Takeaways

  • Solana has confirmed that addresses affected by today’s security breach were created or used within the Slope wallet.
  • Slope also published an official statement on the situation, noting that it will provide a full postmortem in the future.
  • Full details of the attack are still under investigation.

Share this article

Solana and Slope have provided additional information on a security breach that affected a multitude of wallets today.

Solana Confirms Wallet Breach

Solana has published new details about today’s attack.

Earlier, nearly 8,000 addresses were drained through what was believed to be a breach of the third-party wallet app Slope.

This afternoon, Solana Status confirmed that the addresses affected by the attack “were at one point created, imported, or used in Slope mobile wallet applications.”

It added that private key information was accidentally transmitted to an application monitoring service. It said that further details “are still under investigation.”

Though thousands of wallets were drained, Solana confirmed that the exploit was confined to just one Solana wallet. It added that Solana and its blockchain protocol and cryptography remain secure.

Furthermore, the attack only affected Slope’s downloadable wallet app. Slope hardware wallets are still secure.

Slope also commented on the situation. It said that a “cohort” of Slope wallets were compromised in the breach and confirmed that its own staff wallets were drained.

Slope said that it has not confirmed the nature of the attack. “We have some hypotheses as to the nature of the breach, but nothing is yet firm,” Slope said in its official statement. It committed to publishing a full post-mortem in the future.

The company also suggested that users take action to secure their funds. It advised users to create a new seed phrase and wallet and transfer their funds to that wallet.

Both companies say that they are performing internal investigations and working with external auditors.

Various other individuals within the Solana ecosystem provided information and speculated on the attack earlier today.

At least two other projects in the Solana ecosystem have been hacked this year. Cashio was hacked for $28 million in March, while Wormhole was hacked for $322 million in February.

Disclosure: At the time of writing, the author of this piece owned BTC, ETH, and other cryptocurrencies.

Share this article