Following yesterday’s security breach of the Solana ecosystem, in which the hacker stole crypto from thousands of Solana users, there are now indications that the wallet provider Slope is largely to blame for the security exploit.
Slope, a Web3 wallet provider, is designed to work with Solana’s layer-1 blockchain. Following an assessment of the situation, Solana, via its Twitter handle, has come out to shed some light on the security breach. According to Solana,
“Affected addresses were at one point created, imported or used via Slope’s mobile wallet applications.”
The Solana ecosystem security breach also affected Solana’s co-founder Anatoly Yakovenko, who linked his hacked Twitter account to the Solana ecosystem breach via Slope wallets. He went on to advise users to generate seed phrases using wallet providers other than Slope in the meantime. He also encouraged affected users to embrace cold/hot wallet separation.
A postmortem of the Solana ecosystem’s hack
The Solana ecosystem security breach was first noticed on August 2, following complaints from the community about their Solana and other tokens being drained from their wallets. While investigations are still ongoing, the hacker has reportedly made off with $6 million worth of tokens from nearly 8,000 affected wallets.
The Solana Foundation has provided more details about the security breach through an in-depth analysis. According to the Solana Foundation, the private keys for the compromised wallets were transmitted by hackers to an application monitoring service, such as the one provided by Slope. The company further added that there isn’t any suggestion so far that the Solana protocol or cryptography was breached during the attack.
Ongoing investigations suggest that wallet service provider Slope may have uploaded users’ seed phrases to a centralized server, and that the servers could have been breached, leaking seed phrases, which the hacker then used to execute transactions.
Some earlier reports regarding the attack stated that Slope and Phantom wallet users were being targeted. This caused many people to believe there could be something wrong with the Solana protocol. Nevertheless, after a detailed security analysis of the situation, it has now emerged that the breach was an isolated case involving just hot wallets.