Money

Solana’s Investigation Indicates Wallet Exploit Tied to Slope Mobile App – Altcoins Bitcoin News


Following the Solana wallet attack, the Solana State team publicly updated and detailed that the wallet addresses affected by the breach were linked to the Slope mobile wallet applications. The team further emphasizes that “there is no evidence that the Solana protocol or its cryptography has been compromised.”

Solana status report says affected addresses were at a point created in Slope mobile wallet app

In the past 48 hours, Solana’s team has been dealing with a attack caused thousands of Solana-based wallets to be compromised. At the time, Solana Labs co-founder and CEO Anatoly Yakovenko thought The exploit can originate from a supply chain attack. He explained that iOS and Android wallets were affected when he speak: “Most reports are Slope, but there are also some Phantom users”.

On August 3, 2022, Solana’s state The Twitter account explains that the addresses affected in the attack are connected to the Slope mobile wallet apps. “Following an investigation by the developers, the ecosystem team, and the security auditor, it appears that the affected addresses were created, imported, or used in the Slope mobile wallet applications,” said Solana. Status writes. “This mining is segregated from a wallet on Solana, and the hardware wallet used by Slope remains secure.” Solana’s state speak:

While the details of exactly how this happened are still under investigation, the private key information was inadvertently transmitted to an application monitoring service. There is no evidence that the Solana protocol or its cryptography has been compromised.

Slope Finance has published a official statement from the wallet team and the breach details are vague. “A cohort of Slope wallets was compromised in the breach, we have several theories about the nature of the breach, but nothing is certain,” Slope said. [and] We feel the pain of the community, and we are not immune. Many of our employees and founders’ wallets are exhausted. Slope also added that the team actively conducts internal audits and investigations, and works with audit and security teams.

Security experts say that Slope’s seed phrases were logged in readable plaintext

In the official statement, the Slope team further recommends that Slope wallet users “create a new and unique seed phrase wallet, and transfer all assets to this new wallet.” Added gradient:

If you are using a hardware wallet, your keys are not compromised.

Data from Dune Analytics shows that there are more unique addresses affected by the breach than initially reported. Statistics show that 9,223 unique addresses failed and $4,088,121 in crypto was stolen. Most of the assets attacked were made up of solana (SOL) and USDC based on SOL.

It’s happening speak that Slope’s mnemonic seed phrases transmitted to Slope’s server were recorded in readable text. The Slope wallet team allegedly stored the memos in debug logging software through a centralized Sentry server. Security experts at Ottersec detail that “anyone with access to Sentry can access [a] user private key. Ottersec also notes that the Slope team has been “very helpful in sharing data related to the hack”.

Cards in this story

altcoin, Altcoins, Anatoly Yakovenko, Dune Analytics, Exploit, Hacker, Hacker, ghost, Slope, Slope app, Slope finance, Slope Mobile, Slope wallet, SOL, Hack SOL wallet, USDC based on SOL, Solana, Solana Labs CEO, Co-Founder Solana Labs, Solana wallet mining, Vulnerability

What do you think of the problems with Slope wallets and recent mining that have affected Solana users? Let us know your thoughts on this topic in the comments section below.

Jamie Redman

Jamie Redman is the News Lead at Bitcoin.com News and a fintech journalist living in Florida. Redman has been an active member of the crypto community since 2011. He has a passion for Bitcoin, open source and decentralized applications. Since September 2015, Redman has written over 5,700 articles for Bitcoin.com News about the groundbreaking protocols emerging today.




Image credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This newspaper only gives true information. It is not a direct offer or solicitation to buy or sell, or a recommendation or endorsement for any product, service or company. Bitcoin.com does not provide investment, tax, legal or accounting advice. Neither the Company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or materials. goods or services mentioned in this article.





Source link

kignews

Kig News: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button