Following the Solana wallet attack, the Solana Status team updated the public and detailed that the wallet addresses affected by the breach were tied to Slope mobile wallet applications. The team further stressed that “there is no evidence the Solana protocol or its cryptography was compromised.”
Solana Status Report Says Affected Addresses Were at One Point Created in Slope Mobile Wallet Applications
During the last 48 hours, the Solana team has been dealing with an attack that saw thousands of Solana-based wallets compromised. At the time, Solana Labs co-founder and CEO Anatoly Yakovenko thought the exploit possibly stemmed from a supply chain attack. He explained that iOS and Android wallets were affected when he said: “most of the reports are Slope, but a few Phantom users as well.”
On August 3, 2022, the Solana Status Twitter account explained that the addresses affected in the hack were tethered to Slope mobile wallet applications. “After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications,” Solana Status wrote. “This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.” Solana Status said:
While the details of exactly how this occurred are still under investigation, private key information was inadvertently transmitted to an application monitoring service. There is no evidence the Solana protocol or its cryptography was compromised.
Slope Finance published an official statement from the wallet team and breach details are vague. Slope said “A cohort of Slope wallets were compromised in the breach, we have some hypotheses as to the nature of the breach, but nothing is yet firm, [and] we feel