Cryptocurrency
DeFi
Exchanges
Stablecoins
NFTs
Wallets
Bitcoin
Ethereum
Tokens
ICOs
IEOs
Technology
Crypto
Banking
Supply Chain
Security
Healthcare
Mining
AI
Advertising
Gaming
Retail
Education
Analytics
Hosting
Business
Partnerships
Investments
Adoption
Acquisitions
Conferences
IPOs
Legal
Lawsuits
Patents
Politics
Fraud
Research
Guides
Opinion
Cryptocurrency
Technology
Business
Legal
Politics
Fraud
Research
Guides
Opinion
The Chain Bulletin logo

Slope Wallet Likely Tied to Solana’s Exploit

  • Solana developers claimed an investigation found no evidence that the protocol or its cryptography were compromised in the widespread exploit.
  • The investigation, however, discovered that the affected wallets were either “created, imported, or used” in Slope’s mobile app at one point in time.
by Krasimir Buchvarov August 4, 2022, 11:27 AM
SOLANA

Shutterstock

Investigations into Solana’s recent incident suggest that wallet provider Slope could be responsible for the widespread wallet exploit on the network, an account run by the Solana Foundation said on Twitter on 3 August.

According to Solana Status, an investigation by developers, ecosystem teams, and security auditors found no evidence that the “Solana protocol or its cryptography was compromised”. It discovered, however, that the affected addresses were at one point “created, imported, or used in Slope mobile wallet applications”, suggesting that the wallet provider was largely responsible for the security exploit. Slope confirmed that a “cohort” of its wallets were compromised in the breach, stating that:

“We have some hypotheses as to the nature of the breach, but nothing is yet firm. We are still actively diagnosing, and are committed to publishing a full postmortem, earning back your trust, and making this as right as we can.”

Although details of how exactly the incident occurred are still under investigation, Solana Status noted that private key information was inadvertently transmitted to an application monitoring service. Developers for the Phantom wallet confirmed that Slope was the most likely reason for the incident, saying they had “reasons to believe the exploit was due to complications related to importing accounts to and from Slope”.

Reports of the exploit started to appear on Tuesday night, when users started claiming their Solana-based wallets had been drained from funds. Later, it became clear that an attacker had gained the ability to sign transactions on behalf of other users, which had compromised around 8,000 wallets on the network.

Solana’s head of communications, Austin Fedora, later shared that 40% of the drained wallets belonged to Slope users, while 60% were owned by Phantom users. After “extensive interviews and requests to the community” it became clear that not a single wallet affected by the exploit had its seed phrase generated using Phanotm.

Discussion
Related Coverage
Balancer Exploited After Giving Warning
  • DeFi protocol Balancer confirmed it was exploited almost a week after disclosing a critical vulnerability affecting several of its boosted pools.
  • The platform did its best to mitigate some of the risks but was unable to pause the affected pools, and an estimated $980,000 in DAI were stolen in an attack.
August 28, 2023, 1:55 PM
unlock

Shutterstock

Zunami Protocol’s Stablecoin Pools Exploited, Suffers $2.1M Loss
  • DeFi yield aggregator Zunami Protocol confirmed that a hacker had attacked its “zStables” pools on Curve Finance using a price manipulation exploit.
  • Security firm PeckShield has estimated that over $2.1 million was lost during the attack, while SlowMist said it had informed Zunami of the vulnerability two months ago.
Curve Exploited for $41M Due to Vyper Vulnerability
  • Versions 0.2.15, 0.2.16, and 0.3.0 of Vyper have malfunctioning reentrancy locks, which left smart contracts compiled with them vulnerable to reentrancy attacks.
  • An estimated 460 contracts were compiled using these versions of Vyper which resulted in millions being lost to attacks, with Curve Finance reportedly losing $41 million.