{"id":573976,"date":"2022-08-04T12:07:33","date_gmt":"2022-08-04T11:07:33","guid":{"rendered":"https:\/\/en.ethereumworldnews.com\/?p=573976"},"modified":"2022-08-04T12:07:44","modified_gmt":"2022-08-04T11:07:44","slug":"slope-wallet-caused-solana-exploit","status":"publish","type":"post","link":"https:\/\/en.ethereumworldnews.com\/slope-wallet-caused-solana-exploit\/","title":{"rendered":"Solana Exploit Possibly Caused by Slope Wallet Vulnerability"},"content":{"rendered":"\n<ul><li>A bug in Slope wallets is believed to be behind the recent theft from Solana wallets.<\/li><li>Nearly $6 million was stolen from 9,000 addresses.<\/li><li>Teams are still continuing their investigation and will publish a full report later.<\/li><\/ul>\n\n\n\n<p>The recent attack on Solana wallets that saw 9,000 addresses drained of nearly $6 million has been attributed to compromised private keys on Slope mobile wallet applications. An initial investigation by the teams says that the private key details of the compromised wallets were inadvertently transferred to a third party.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications. 1\/2<\/p>&mdash; Solana Status (@SolanaStatus) <a href=\"https:\/\/twitter.com\/SolanaStatus\/status\/1554921396408647680?ref_src=twsrc%5Etfw\" rel=\"nofollow noopener\">August 3, 2022<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<p>After developers, ecosystem teams, and security auditors began investigating <a href=\"https:\/\/en.ethereumworldnews.com\/solana-token-drops-as-millions-worth-of-user-funds-compromised-in-the-latest-solana-wallet-hack\/\" target=\"_blank\" rel=\"noreferrer noopener\">the attack<\/a>, they noticed that the affected addresses were at one point created, imported, or used in Slope mobile wallet applications. They also noticed that the exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.<\/p>\n\n\n\n<p>While Slope continues its investigation, it has <a href=\"https:\/\/docs.google.com\/document\/d\/1zdm2KMW2g6JYHsdmSe8zDs56l4NfL-MaQ7nIbV9ohc8\/edit\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">asked all Slope users<\/a> to create a new and unique seed phrase wallet and transfer all their assets there. Hardware users remain safe and do have to worry about their keys. The team will publish a full post-mortem later.<\/p>\n\n\n\n<p>Four attackers have been identified, attacking about 9,000 unique wallets. So far, all those investigating have said that there does not appear to be a bug within the Solana code. It is the software used by popular wallet providers that appear to have been vulnerable.<\/p>\n\n\n\n<p>Solana Labs co-founder Anatoly Yakovenko said that the attack seemed like \u201can iOS supply chain attack,\u201d though he later noted that Android users seemed to be affected as well. He also concluded that it was likely a bug specific to Slope.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">Seems like an iOS supply chain attack. Multiple plausible wallets that only received sol and had no interactions beyond receiving have been affected. <a href=\"https:\/\/t.co\/ne0g3ZmLH5\" rel=\"nofollow\">https:\/\/t.co\/ne0g3ZmLH5<\/a><br><br>As well as key that were imported into iOS, and generated externally.<a href=\"https:\/\/t.co\/hStAr1mU6Q\" rel=\"nofollow\">https:\/\/t.co\/hStAr1mU6Q<\/a><\/p>&mdash; SMS aey.sol, \ud83c\uddfa\ud83c\uddf8 (@aeyakovenko) <a href=\"https:\/\/twitter.com\/aeyakovenko\/status\/1554745536741138433?ref_src=twsrc%5Etfw\" rel=\"nofollow noopener\">August 3, 2022<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<h2>Hacks Continue in Crypto Space<\/h2>\n\n\n\n<p>There has been no shortage of hacks in the crypto market in 2022, and the number of incidents being reported seems to be increasing by the day. A SlowMist <a href=\"https:\/\/en.ethereumworldnews.com\/crypto-hacks-drained-1-billion-defi-2022\/\" target=\"_blank\" rel=\"noreferrer noopener\">report<\/a> that was published recently said that crypto hacks have stolen over $1 billion from DeFi alone in 2022.<\/p>\n\n\n\n<p>Digital artist Beeple\u2019s Twitter account was also <a href=\"https:\/\/en.ethereumworldnews.com\/hackers-laundered-nearly-400000-worth-of-funds-using-beeples-hacked-twitter-account\/\" target=\"_blank\" rel=\"noreferrer noopener\">hacked recently<\/a>, with hackers managing to steal $400,000 worth of crypto funds by posting phishing links. Phishing has become a popular means of attack among bad actors this year.<\/p>\n\n\n\n<p>Some of these attacks have been attributed to the North Korea-linked Lazarus Group. This group is believed to have been behind the $100 million <a href=\"https:\/\/en.ethereumworldnews.com\/lazarus-group-behind-100m-harmony-hack\/\" target=\"_blank\" rel=\"noreferrer noopener\">Harmony Protocol Horizon Bridge hack<\/a>, among many other such hacks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A bug in Slope wallets is believed to be behind the recent theft from Solana wallets. Nearly $6 million was stolen from 9,000 addresses. Teams are still continuing their investigation and will publish a full report later. The recent attack on Solana wallets that saw 9,000 addresses drained of nearly $6 million has been attributed to compromised private keys on Slope mobile wallet applications. An initial investigation by the teams says that the private key details of the compromised wallets [&hellip;]<\/p>\n","protected":false},"author":52,"featured_media":573981,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[947,2,108340,26],"tags":[48,83,108647,2889,162,108646,108645,108360],"_links":{"self":[{"href":"https:\/\/en.ethereumworldnews.com\/wp-json\/wp\/v2\/posts\/573976"}],"collection":[{"href":"https:\/\/en.ethereumworldnews.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/en.ethereumworldnews.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/en.ethereumworldnews.com\/wp-json\/wp\/v2\/users\/52"}],"replies":[{"embeddable":true,"href":"https:\/\/en.ethereumworldnews.com\/wp-json\/wp\/v2\/comments?post=573976"}],"version-history":[{"count":2,"href":"https:\/\/en.ethereumworldnews.com\/wp-json\/wp\/v2\/posts\/573976\/revisions"}],"predecessor-version":[{"id":573982,"href":"https:\/\/en.ethereumworldnews.com\/wp-json\/wp\/v2\/posts\/573976\/revisions\/573982"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/en.ethereumworldnews.com\/wp-json\/wp\/v2\/media\/573981"}],"wp:attachment":[{"href":"https:\/\/en.ethereumworldnews.com\/wp-json\/wp\/v2\/media?parent=573976"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/en.ethereumworldnews.com\/wp-json\/wp\/v2\/categories?post=573976"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/en.ethereumworldnews.com\/wp-json\/wp\/v2\/tags?post=573976"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}