A month to the day after the exploit of Crema Finance, a Solana lending & borrowing platform that was hacked for almost $9M, another exploit began yesterday, affecting over 9,000 wallets and counting. Users are reporting funds being drained from major mobile and browser-extension hot wallets such as Phantom, Slope, and TrustWallet.
If you are just now discovering this and are worried about your funds, the best practice for self-defense is to move any funds you hold in Phantom, Slope, or TrustWallet as soon as possible, preferably into a hardware wallet that has never interacted with anything and serves as your “cold storage”.
The exploiters are actively stealing both SOL and SPL (USDC), as well as other Solana-based tokens. Up to $5M and counting has been stolen as of this writing (updated 9pm Aug 3).
- Primarily to these wallet addresses: Htp9MGP8Tig923ZFY7Qf2zzbMUmYneFRAhSp7vSg4wxV and CEzN7mqP9xoxn2HdyW6fjEJ73t7qaX9Rp2zyS6hb3iEu
You can follow those addresses on SolScan.
A good understanding of the cause of the exploit came out today, and it is much worse than anyone would have guessed. The attacker was able to initiate and approve transactions out of user hot wallets because the users' seed phrases were stored on Slope’s centralized servers and were compromised via a MITM (man-in-the-middle) attack. @0xfoobar covered this in detail today.
Slope's official statement, in summary, is that the investigation is still ongoing and that they are working with developers and security experts to rectify the situation. They have advised all Slope users to transfer assets out of Slope wallets and into a new wallet with a unique seed phrase. Again, it is best to use a hardware wallet.
Solana's official statement says that there isn’t any evidence the Solana protocol or its cryptography was compromised in any way. Expect more official statements once they can confirm more during the investigation.
Solana attracted a lot of users with its high throughput, low fees, and high scalability. The SOL price experienced massive growth last year, topping out at nearly $260, with many referring to it as the “ETH killer.” Still, its centralization and functionality remain a big problem, as shown by the notable 16-hour outage on Sep 15, 2021.
This post will be updated as more information comes out. If you think your funds are at risk, move them quickly!