Solana Hack – A private key attack connected to mobile software wallet Slope is being held responsible for the cumulative loss of around $4.5 million worth of SOL and other tokens by thousands of Solana users between Tuesday night and early Wednesday.
The Solana Status Twitter account released early results on Wednesday after engineers and security auditors collaborated.
“This exploit was isolated to one wallet on SOL, and hardware wallets used by Slope remain secure,” the thread continues. “While the details of exactly how this occurred are still under investigation, but private key information was inadvertently transmitted to an application monitoring service.”
“There is no evidence the SOL protocol or its cryptography was compromised,” the account added.
In the incident, other Phantom wallets were also emptied of their SOL and tokens, but it seems that the owners of those wallets had previously communicated with a Slope wallet.
Just before the Solana Status post, Slope issued their own statement
Slope wallets are mentioned in the hack, but nothing specific about what transpired is stated, and the company has not accepted liability for the attacks.
“We have some hypotheses as to the nature of the breach, but nothing is yet firm,” it reads in part. “We feel the community’s pain, and we were not immune. Many of our own staff and founders’ wallets were drained.”
“We are still actively diagnosing, and are committed to publishing a full postmortem, earning back your trust, and making this as right as we can,” Slope’s team wrote.
Solscan, a blockchain explorer, reports that it has been more than five hours since one of the four attacking wallets drained any susceptible wallet of cryptocurrencies or tokens. In total, the attackers stole roughly 8,000 different wallets, totaling about $4.46 million in cryptocurrency, according to the Solana Status account.
Many Solana users and platforms originally believed that wallets were being hacked using previously provided rights to a smart contract when the attack started on Tuesday night. However, the fact that the questioned wallets were signing the transactions raises suspicions that the private keys were compromised.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join CoinCu Telegram to keep track of news: https://t.me/coincunews