L'enquête de Solana indique que l'exploitation du portefeuille est liée à l'application mobile Slope

Suite à l'attaque du portefeuille Solana, l'équipe de Solana Status a informé le public et a précisé que les adresses de portefeuille affectées par la violation étaient liées aux applications de portefeuille mobile Slope. The team further stressed that “there is no evidence the Solana protocol or its cryptography was compromised.”

Solana Status Report Says Affected Addresses Were at One Point Created in Slope Mobile Wallet Applications

Au cours de la dernière 48 hours, the Solana team has been dealing with an attack that saw thousands of Solana-based wallets compromised. À l'époque, Solana Labs co-founder and CEO Anatoly Yakovenko thought the exploit possibly stemmed from a supply chain attack. He explained that iOS and Android wallets were affected when he mentionné: “most of the reports are Slope, but a few Phantom users as well.”

On August 3, 2022, les Solana Status Twitter account explained that the addresses affected in the hack were tethered to Slope mobile wallet applications. “After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications,” Solana Status wrote. “This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.” Solana Status mentionné:

While the details of exactly how this occurred are still under investigation, private key information was inadvertently transmitted to an application monitoring service. There is no evidence the Solana protocol or its cryptography was compromised.

Slope Finance published an official statement from the wallet team and breach details are vague. Slope said “A cohort of Slope wallets were compromised in the breach, we have some hypotheses as to the nature of the breach, but nothing is yet firm, [et] we feel the community’s pain, and we were not immune. Many of our own staff and founders’ wallets were drained.” Slope also added that the team was actively conducting internal investigations and audits, while working with security and audit groups.

LIS  The Number of Euro-Pegged Stablecoins Has Swelled 1,683% Since 2020

Security Experts Say Slope’s Seed Phrases Were Logged in Readable Plaintext

During the official statement, the Slope team further recommended that Slope wallet users “create a new and unique seed phrase wallet, and transfer all assets to this new wallet.” Slope added:

If you are using a hardware wallet, your keys have not been compromised.

Data from Dune Analytics shows that there were more unique addresses that were affected by the breach than initially reported. Statistics show that 9,223 unique addresses suffered from the bug and $4,088,121 in crypto was stolen. Most of the assets hacked were made up of solana (SOL) and SOL-based USDC.

It is being mentionné that Slope’s mnemonic seed phrases transferred to Slope’s server were logged in readable text. The Slope wallet team allegedly stored the mnemonics in debug logging software via a centralized Sentry server. Security experts at Ottersec detailed that “anybody with access to Sentry could access [a] user’s private keys.” Ottersec also noted that the Slope team was “very helpful in sharing data related to the hack.”

Tags dans cette histoire
altcoin, Altcoins, Anatoly Iakovenko, Analyse des dunes, Exploiter, Pirate, Les pirates, Fantôme, Pente, Application de pente, Financement de la pente, Mobile de pente, Portefeuille Pente, SOL, Piratage du portefeuille SOL, USDC basé sur SOL, Solana, PDG de Solana Labs, Co-fondateur de Solana Labs, Exploitation du portefeuille Solana, Vulnérabilité

What do you think about the issues with Slope wallet and the recent exploit that affected Solana users? projets s'appuyant sur le protocole Zebec.

Jamie Redman

Jamie Redman is the News Lead at Bitcoin-Tidings.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 5,700 articles for Bitcoin-Tidings.com News about the disruptive protocols emerging today.




LIS  Ponts inter-chaînes qui se connectent 5 Différentes chaînes de blocs à Ethereum

Crédits image: Shutterstock, Pixabay, Wiki Commons

Avertissement: Cet article est à titre informatif seulement. Il ne s'agit pas d'une offre directe ou d'une sollicitation d'offre d'achat ou de vente, ou une recommandation ou une approbation de tout produit, prestations de service, ou des entreprises. Bitcoin-Tidings.com ne fournit pas d'investissement, impôt, légal, ou conseil comptable. Ni la société ni l'auteur ne sont responsables, directement ou indirectement, pour tout dommage ou perte causé ou prétendument causé par ou en relation avec l'utilisation ou la confiance accordée à tout contenu, biens ou services mentionnés dans cet article.

Lire avertissement