After yesterday’s massive attack on Solana users, the investigation team began to uncover more about what happened. The investigation has now yielded a result: a likely culprit.
Slope Is A Third Party In The Recent Attack
Following the investigation, Solana revealed that Slope wallet, a third-party hot wallet running on the Solana network, was the culprit. Even though Solana users were the victims, the fault lay not with the Solana network but with the Slope wallet.
According to Solana’s investigation, the victims were mainly Slope hot wallet users, and no hardware wallet users have fallen victim so far. However, Solana has urged all Slope users, victims and non-victims alike, to regenerate their wallets with a unique seed phrase.
Afterward, they should transfer their assets to the new wallet and ensure that the old and new seed phrases differ. The network said hardware wallet users are safe from the attack.
Additionally, the team promised to get to the root of the matter as it continues its effort to restore normalcy and regain users’ trust. According to a report, Phantom’s hot wallet users were also victims of yesterday’s attack.
The multiple wallets involved initially created the perception that all projects running on Solana were affected. However, the report showed that the specific Phantom wallets that were exploited had seed phrases that were once used in Slope wallets. That suggested anyone who has used a Slope wallet is vulnerable to the attack, but there’s a catch.
Slope Wallet’s Cyber Security Malpractices Led To The Attack
Confusingly, Solflare wallet users who had once logged into a Slope wallet with their seed phrase were not affected. The theory that anyone who has ever used a Slope wallet is vulnerable to an attack is therefore no longer valid.
Tech experts from top networks like Ethereum and other cross-chain wallets have been working together on solving the case since yesterday. They have established that the attack was not due to a faulty system or a supply chain weakness.
They confirmed this because neither Solana, Slope, nor Phantom suffered any security breach in their systems. Given this, another theory arose: that Slope had given users’ seed phrases to a third party.
However, the latest report from the investigation team revealed that Slope did not sell out any seed phrases. Instead, its cyber security malpractices led to the unfortunate hack.
According to the report, Slope secretly saved seed phrases on its centralized servers. That was the main access point the perpetrator used to drain about 9000 wallets yesterday.
The victims lost a fortune in crypto assets, dominated by SOL and USDC. A thorough investigation is still ongoing to understand the entire course of the attack and the parties involved.