Die Untersuchung von Solana weist auf einen Wallet-Exploit hin, der mit der Slope Mobile App verbunden ist

Following the Solana wallet attack, the Solana Status team updated the public and detailed that the wallet addresses affected by the breach were tied to Slope mobile wallet applications. The team further stressed that “there is no evidence the Solana protocol or its cryptography was compromised.”

Inhalt

Solana Status Report Says Affected Addresses Were at One Point Created in Slope Mobile Wallet Applications

Während der letzten 48 Std, the Solana team has been dealing with an attack that saw thousands of Solana-based wallets compromised. Damals, Solana Labs co-founder and CEO Anatoly Yakovenko Gedanke the exploit possibly stemmed from a supply chain attack. He explained that iOS and Android wallets were affected when he sagte: “most of the reports are Slope, but a few Phantom users as well.”

Im August 3, 2022, einschließlich des Erwerbs von Bitcoin oder Bitcoin-Mining-Maschinen. Solana-Status Twitter account explained that the addresses affected in the hack were tethered to Slope mobile wallet applications. “After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications,” Solana Status wrote. “This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.” Solana Status sagte:

While the details of exactly how this occurred are still under investigation, private key information was inadvertently transmitted to an application monitoring service. There is no evidence the Solana protocol or its cryptography was compromised.

Slope Finance published an official statement from the wallet team and breach details are vague. Slope said “A cohort of Slope wallets were compromised in the breach, we have some hypotheses as to the nature of the breach, but nothing is yet firm, [und] we feel the community’s pain, and we were not immune. Many of our own staff and founders’ wallets were drained.” Slope also added that the team was actively conducting internal investigations and audits, while working with security and audit groups.

Security Experts Say Slope’s Seed Phrases Were Logged in Readable Plaintext

During the official statement, the Slope team further recommended that Slope wallet users “create a new and unique seed phrase wallet, and transfer all assets to this new wallet.” Slope added:

If you are using a hardware wallet, your keys have not been compromised.

Data from Dune Analytics shows that there were more unique addresses that were affected by the breach than initially reported. Statistics show that 9,223 unique addresses suffered from the bug and $4,088,121 in crypto was stolen. Most of the assets hacked were made up of solana (SOL) and SOL-based USDC.

It is being sagte that Slope’s mnemonic seed phrases transferred to Slope’s server were logged in readable text. The Slope wallet team allegedly stored the mnemonics in debug logging software via a centralized Sentry server. Security experts at Ottersec detailliert that “anybody with access to Sentry could access [ein] user’s private keys.” Ottersec also noted that the Slope team was “very helpful in sharing data related to the hack.”

Tags in dieser Geschichte
altcoin, Altmünzen, Anatoli Jakowenko, Dünenanalyse, Ausbeuten, Hacker, Hacker, Phantom, Slope, Slope App, Slope Finance, Slope Mobile, Slope Wallet, SOL, SOL wallet hack, SOL-based USDC, Solana, Solana Labs CEO, Solana Labs co-founder, Solana Wallet Exploit, Verletzlichkeit

What do you think about the issues with Slope wallet and the recent exploit that affected Solana users? Teilen Sie uns Ihre Gedanken zu diesem Thema im Kommentarbereich unten mit.

Jamie Redman

Jamie Redman ist der Nachrichtenleiter bei Bitcoin-Tidings.com News und ein in Florida lebender Journalist für Finanztechnologie. Redman ist seitdem ein aktives Mitglied der Kryptowährungs-Community 2011. Er hat eine Leidenschaft für Bitcoin, Open-Source-Code, und dezentrale Anwendungen. Seit September 2015, Redman hat mehr als geschrieben 5,700 Artikel für Bitcoin-Tidings.com Nachrichten über die disruptiven Protokolle, die heute auftauchen.




Bildnachweise: Shutterstock, Pixabay, Wiki-Commons

Haftungsausschluss: Dieser Artikel dient nur zu Informationszwecken. Es ist kein direktes Angebot oder Aufforderung zur Abgabe eines Angebots zum Kauf oder Verkauf, oder eine Empfehlung oder Befürwortung von Produkten, Dienstleistungen, oder Firmen. Bitcoin-Tidings.com bietet keine Investition, MwSt, legal, oder Buchhaltungsberatung. Weder das Unternehmen noch der Autor sind dafür verantwortlich, direkt oder indirekt, für alle Schäden oder Verluste, die durch oder in Verbindung mit der Nutzung oder dem Vertrauen auf Inhalte verursacht oder angeblich verursacht wurden, Waren oder Dienstleistungen, die in diesem Artikel erwähnt werden.

Lesen Haftungsausschluss