Solana, one of the more popular DeFi ecosystems, is reeling from a hack that saw at least $8 million drained from 8,000 wallets connected to the network.
Solana’s Head of Communications, Austin Federa, indicated that 60% of the drained wallets were Phantom Wallets, while 40% were from a wallet service known as Slope.
In a statement on Twitter, Solana said:
“After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications.”
– Solana
They added that the hack was isolated to Slope and that ‘private key information was inadvertently transmitted to an application monitoring service.’ They also absolved the Solana network of blame, saying ‘there is no evidence the Solana protocol or its cryptography was compromised.’
Otter, a blockchain auditing firm, found that the Slope app sent users’ seed phrases to a centralized server, where they were saved in readable text rather than encrypted. Anyone with access to that server could therefore obtain the private keys belonging to users.
As a result, Solana Founder and CEO, Anatoly Yakovenko, asked users to move their assets to a different wallet.
Slope, for its part, asked users ‘to create a new and unique seed phrase wallet, and transfer all assets to this new wallet,’ urging users to avoid ‘using the same seed phrase on this new wallet that you had on Slope.’
Phantom wallet users were also affected, but only those who had connected to a third-party service like Slope.
Slope also said it had ‘hypotheses’ as to the nature of the breach but nothing confirmed, and that even its staff and founders were affected by the hack.
Hardware wallets were not affected by the hack.
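The failure described above, seed phrases reaching a monitoring service in readable form, is the kind of leak an app can block by scrubbing telemetry events on the device before they are sent. The sketch below is an added example, not code from Slope, Solana or the auditors; the field names, the sample event and the pattern heuristics are assumptions.

```python
import re

# Heuristic (assumption): 12-24 consecutive lowercase words of 3-8 letters,
# the shape of a BIP-39 seed phrase. A stricter check would use the wordlist.
MNEMONIC_RE = re.compile(r"\b(?:[a-z]{3,8}\s+){11,23}[a-z]{3,8}\b")
# Heuristic (assumption): a long base58 run, the shape of an encoded secret key.
BASE58_KEY_RE = re.compile(r"\b[1-9A-HJ-NP-Za-km-z]{85,90}\b")
# Hypothetical field names whose values must never leave the device.
SENSITIVE_KEYS = {"mnemonic", "seed", "seed_phrase", "private_key", "secret_key"}
REDACTED = "[REDACTED]"


def scrub_text(text):
    """Replace anything shaped like a seed phrase or an encoded secret key."""
    text = MNEMONIC_RE.sub(REDACTED, text)
    return BASE58_KEY_RE.sub(REDACTED, text)


def scrub_event(value, key=None):
    """Recursively scrub a telemetry event made of dicts, lists and strings."""
    if key is not None and str(key).lower() in SENSITIVE_KEYS:
        return REDACTED  # drop the value whatever it looks like
    if isinstance(value, dict):
        return {k: scrub_event(v, k) for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [scrub_event(v) for v in value]
    if isinstance(value, str):
        return scrub_text(value)
    return value


# Constructed sample data: twelve ordinary words, not a real wallet phrase.
SAMPLE_PHRASE = ("apple river stone cloud tiger maple "
                 "ocean field lemon bridge candle forest")
SAMPLE_EVENT = {
    "message": "wallet import failed for phrase: " + SAMPLE_PHRASE,
    "extra": {"mnemonic": SAMPLE_PHRASE, "screen": "ImportWallet"},
    "breadcrumbs": ["tap import", "input=" + SAMPLE_PHRASE],
}

if __name__ == "__main__":
    # The phrase appears in three places; none should survive scrubbing.
    print(scrub_event(SAMPLE_EVENT))
```

Scrubbing by pattern is a backstop: the stronger control is never placing seed phrases or private keys in objects that logging or monitoring code can reach.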