-Solana Status(@SolanaStatus)
After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications. 1/2
This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.While the details of exactly how this occurred are still under investigation, but private key information was inadvertently transmitted to an application monitoring service. 2/3
There is no evidence the Solana protocol or its cryptography was compromised. 3/3
proof of stake
reply
what you mean??
reply
I mean Solona is very centralized with proof of stake, the reason of attack is centralization
reply
Solana is heavily centralized.
reply
-Solana Co-founder Anatoly Yakovenko
Attacker is lazy at driving all the paths. A bunch of phantom users only saw their slope addresses get drained. I would advise anyone that touched slope to regenerate their seed phrase in a different wallet asap.
reply
-Solana's head of communications Austin Fedora
We spun up a Typeform to collect data and the results were clear – of those drained ~60% were Phantom users and 40% Slope users. But after extensive interviews and requests to the community, we couldn't find a single Phantom-forever user who had their wallet drained There's a lot more to go into about the actual vulnerability, but work is still ongoing at this point. https://t.co/pXeWbanveB There's far too many people to tag, but something all of CT should know is, in a moment potentially catastrophic crisis people who sometimes snipe on Twitter rolled up their sleeves and got to work. The investigations are ongoing, and I can't stress enough the importance of creating a new seed phrase in a non-slope wallet, and moving any assets you have in a Slope hot wallet over. Then go buy a hardware wallet. And what about the ETH users drained? Turns out, they'd been using their Solana BIP39 phrase in Ethereum, too! So the hacker inadvertently was able to access assets stored on ETH. From the outside, it was indistinguishable from a supply chain attack.
reply
-Phantom Team @phantom
1/ Phantom has reason to believe that the reported exploits are due to complications related to importing accounts to and from @slope_finance. We are still actively working to identify whether there may have been other vulnerabilities that contributed to this incident.
2/ In the meantime, if any Phantom users have also installed other wallets, we recommend you try to to move your assets to a new non-Slope wallet with a fresh seed phrase.
reply