Multimillion-dollar Solana crypto theft linked to Slope mobile wallet - The Verge
An attack on the Solana ecosystem that left thousands of wallets drained of funds has been blamed on a mobile wallet operated by Slope. Millions of dollars’ worth of cryptocurrency were stolen in the attack this week.
Earlier this week, thousands of crypto wallets connected to the Solana ecosystem were drained by attackers who used owners’ private keys to steal both Solana (SOL) and USD Coin (USDC). Solana now says that, after an investigation “by developers, ecosystem teams, and security auditors,” it’s linked the attack to accounts tied to the Slope mobile wallet app.
A chart set up on Dune to track the attacks tallies the amount of crypto stolen at just over $4 million, taken from over 9,000 unique wallets.
Slope Finance, which calls itself “the easiest way to discover web3 applications from one secure place,” has issued a statement advising all Slope users to create “a new and unique seed phrase wallet, and transfer all assets to this new wallet.” The blog post says “many” wallets belonging to Slope staff were also drained but notes that hardware wallets (also known as cold wallets, which are not connected to the internet) were unaffected.
This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.While the details of exactly how this occurred are still under investigation, but private key information was inadvertently transmitted to an application monitoring service. 2/3