A sophisticated hack at Solana (SOL) has shaken investors. The attackers managed to crack the slope wallet and thus obtain private keys. This allowed them to make almost 5 million US dollars in loot.
Solana (SOL) has been struggling with a serious security problem that appears to be traced back to the Slope Wallet. Early yesterday (Wednesday), the first news made the rounds that users were seeing funds in SOL, other Solana coins and USDC being withdrawn from their software wallets without their own authorization. Relatively quickly, Solana then made the extent known via Twitter: Almost 8,000 wallets were affected, he said. The damage was said to amount to at least $4.6 million. But it took long hours before it was possible to identify where the vulnerability lay.
At first, Solana co-founder Anatoly Yakovenko, for example, suspected a flaw in the system of Apple’s mobile operating system iOS. But this path proved to be wrong. Meanwhile, it became clear that phantom wallets were also affected in addition to slope wallets. However, security teams from Solana and the wallet providers then managed to narrow down the cause of the hack. All of the victims had used Slope’s mobile app at an earlier time, Solana wrote. Private keys were then secretly transferred from there, he said. With Private Keys, attackers had largely free remote access and struck.
Slope itself published an official statement. There it was admitted that Slope wallets were compromised. More detailed background information will be provided in a detailed report at a later date. The Phantom Wallet, which was also affected by the hack, tweeted that it was suspected that hacked users had linked their Phantom Wallet to one at Slope at an earlier time.
Solana hack – what you should do now
Slope, Phantom and Solana urged investors to follow security advice. Those who use or have used a Slope wallet should transfer their crypto assets from the previous software wallet to a new one, generating new seed phrase and passwords, they said. As far as is known so far, hardware wallets have not been compromised by the hack, even in conjunction with the Slope Wallet. Therefore, if you have used the slope wallet now or in the past, you have to take action, transfer your funds and in any case do not repeat the previous seed phrase.
Conclusion: Hack at Solana, Slope and Phantom – shock runs deep
Whether and how victims of the hack will be compensated is so far open. However, according to information so far, they had observed the usual security precautions in their daily use with their SOL. The Slope Wallet, like Phantom’s, is optimized for use with Solana and can also be used as a Web3 browser. Exactly where in this complex interplay the hackers struck remains to be seen. But they should never have gotten hold of Seed Phrase and Private Keys.
Solana’s price curve largely coped well with the attack. In the meantime, SOL did lose almost 10 percent of its value. But when it became clear that the fault was not in Solana’s own blockchain and infrastructure, the popular DeFi Coin immediately corrected back to previous levels, trading at around $40 on Thursday morning.
For you as an investor, as with other hacks from the past, the realization arises: The greatest possible security for your assets in Bitcoin and Co. is only guaranteed by hardware wallets, and on software wallets with online connection you should only temporarily store the coins that you are currently using.