Developers of Solana Blockchain say that the SOL tokens were compromised due to a security glitch in the Slope wallet resulting in millions of dollars heist from ,000 hot wallets.
On the second day of the exploit, $6 million worth of SOL tokens were compromised through Slope wallets linked to the Phantom wallet. The Solana Foundation tweeted that the Slope wallet was the culprit of these attacks and not the blockchain’s code and cryptography.
“This does not appear to be a bug with Solana core code, but in software used by several software wallets popular among users of the network,” published on Twitter by ‘Solana Foundation’ on Wednesday.
After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications. 1/2
— Solana Status (@SolanaStatus) August 3, 2022
On further investigation, the funds were drained from the suspected hot wallets, leaving very little chance to find the hacker (s) behind the attack.
In a statement, the Slope wallet developers mentioned that a cohort of wallets have been compromised but didn’t confirm if the private key storing process were involved or not in the incident. In addition to these statements, a representative at Solana told CoinDesk that they are not storing any private data on the centralized servers.
The developers of Phantom wallet said that they have reasons to believe that the attack was caused due to a wallet importing complication in the Slope wallet.
Anatoly Yakovenko, CEO, Solana Labs, tweeted that the hack seemed to be an issue in the iOS supply chain but it was narrowed down to the link with Slope wallet importing attacks.
Seems like an iOS supply chain attack. Multiple plausible wallets that only received sol and had no interactions beyond receiving have been affected. https://t.co/ne0g3ZmLH5
As well as key that were imported into iOS, and generated externally.https://t.co/hStAr1mU6Q
— SMS aey.sol, (@aeyakovenko) August 3, 2022
When hackers insert their own code in software with a malicious intent to hack the system, it is called a supply chain attack.
While an iOS supply chain attack means bad actors accessing private keys by gaining access to wallets connected to the internet.
Some developers on Twitter have commented that Slope kept confidential data in plain text which meant a major breach of security to the user’s funds.
Many organizations have come forward to collect data of users who have lost their SOL funds to chart a retribution plan. The 9,000 exploited wallets take up a small percentage of Spana hot wallets totaling 25 million in existence.
Solana Crypto Holds Price Support Despite Cyberattack!
Though it is hard to be sure if the exploit was a breach of security owing to Slope wallets or not, the price support of Solana despite the attack that happened on Wednesday shows the token strength. Post the attack news broke on the community networks many investors shorted their SOL holdings. The attack caused the token to drop by 4% in the last 24 hours.
The blockchain does have a huge following and a vibrant community. Solana has been deemed as an overbought token as per crypto market observers. Many whales, and large-cap investors are supporting the token due to its long history of high-value status in the top crypto list by price and market cap.
Read more: Impact on SOL Price after Solana Wallet Hack
A run at Solana’s technical faults in the past
Solana has been quite a celebrated blockchain technology and is often called the ‘Ethereum Killer’. Solana’s mainnet had an outage in June and was down for 4 hours straight causing the team to suspend transactions until the bug was fixed.
According to one of the developers at Solana, the bug in the nonce transactions led to a non-determinism situation where it is difficult to solve why different results have been generated by the same block. This clearly seemed to be a security and scalability issue in the blockchain architecture.
Source: Business Today
Disclaimer: “The information and material contained are subject to change without prior notice including prices which may fluctuate based on market demand and supply. The material available on the site is proprietary of CoinDCX, its parent, and its affiliates and is for informational purposes and informed investors only. This material is not: (i) an offer, or solicitation of an offer, to invest in, or to buy or sell, any interests or shares, or to participate in any investment or trading strategy, or (ii) intended to provide accounting, legal, or tax advice, or investment recommendations. Please note Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions.”
LUNA’s journey: Recovery from a challenging year ahead.
Valkyrie’s bold fusion of Bitcoin and Ether ignites crypto’s next frontier!