Solana Hack Blamed on Slope Mobile Wallet Exploit
Thousands of Solana users collectively lost about $4.5 million worth of SOL and other tokens from Tuesday night into early Wednesday, and now there's a likely explanation for why: it's being blamed on a private key exploit tied to mobile software wallet Slope. From a report: On Wednesday afternoon, the official Solana Status Twitter account shared preliminary findings through collaboration between developers and security auditors, and said that "it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications." "This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure," the thread continues. "While the details of exactly how this occurred are still under investigation, but private key information was inadvertently transmitted to an application monitoring service." "There is no evidence the Solana protocol or its cryptography was compromised," the account added. Some Phantom wallets were also drained of their SOL and tokens in the attack, however it appears that those wallets' holders had previously interacted with a Slope wallet. "Phantom has reason to believe that the reported exploits are due to complications related to importing accounts to and from Slope," the Phantom team tweeted today.
Read more of this story at Slashdot.