.png){kind=logo}
- Insights
- Cryptocurrencies
- Stocks
- White Papers
- Industry
- Geography
- Insights
- Cryptocurrencies
- Stocks
- White Papers
- Industry
- Geography
On August 2, more than 8,000 Solana hot wallets were hacked. The attackers made off with an estimated US$8 million in stolen crypto. At the time, Solana recommended users switch to hardware wallets. However, this was little consolation to the victims who lost funds. On August 4, Solana updated the community after it was discovered that the affected addresses were part of the Slope wallet ecosystem.
Slope is a web-based crypto wallet, mobile app, and browser extension. It allows users to send and receive tokens on the Solana network and integrates with Solana Pay. Slope users were urged to create brand-new wallets with alternative providers and to transfer their crypto assets to those new wallets. In a statement Wednesday afternoon, Slope acknowledged that a "cohort" of its wallets were compromised.
Solana, meanwhile, said its researchers had determined "private key information" – essentially the password to a user's crypto wallet – "was inadvertently transmitted to an application monitoring service." How this later led to the hack is yet to be determined. While almost 8,000 wallets from multiple providers were affected – including Phantom and Trust- researchers linked the attackers' theft to Slope's integration with those of other providers. Solana co-founder Anatoly Yakovenko also linked Slope wallets to the hack in his own personal Twitter account. He advised users to regenerate a seed phrase from a service other than Slope as soon as they can. He also told an affected user to "Start practicing the cold/hot wallet separation."
Slope issued a letter to its customers stating that it had a hypothesis about the breach but could not confirm anything yet. "We have some hypotheses as to the nature of the breach, but nothing is yet firm," the statement read. "We feel the community's pain, and we were not immune. Many of our staff and founders' wallets were drained," it said. Slope said hardware wallets were not affected and a full post-mortem was incoming.
