Solana: Wallet of Slope Users or Those Who Have Imported Seed Phrases into Slope May Be Compromised

Solana released the Slope wallet incident update, stating that affected addresses appear to have been created, imported, or used in the Slope wallet applications on iOS and Android (created and published by Slope Finance). Private key material from these Slope users was inadvertently transmitted by the Slope app to an application monitoring service, but exactly how the hacker obtained or intercepted this information is still under investigation. No core code related to Solana Labs, the Solana Foundation, or anything related to Solana protocol itself was involved in this attack. This was not a protocol-level vulnerability. Affected users on other software wallets (such as Phantom and Solflare) may have been the result of users’ reuse of seed phrases generated or stored within Slope. Any impact to users with Ethereum wallets was likely also due to reuse of seed phrases as both Ethereum and Solana use BIP39 mnemonics. In addition, Solana emphasizes that Slope wallet users or users who have previously imported seed phrases into Slope may have their wallets stolen even if no assets are transferred and recommends that users generate a new seed phrase in a new wallet and transfer all assets to the new wallet. Users should not reuse any wallets derived from seed phrases previously used with Slope’s mobile applications.
Source

Solana

Wallet

Security Incidents

DeFi

Related News
Solana's key SIMD-228 proposal fails to pass validator vote, token emissions unchanged Solana's key SIMD-228 proposal fails to pass validator vote, token emissions unchanged
Transaction fees generated on Solana network fall to lowest weekly amount since September Transaction fees generated on Solana network fall to lowest weekly amount since September
Bybit hackers move over half the stolen ETH onto Bitcoin, largely using ThorChain Bybit hackers move over half the stolen ETH onto Bitcoin, largely using ThorChain
Stablecoin neobank Infini exploited for $49 million: security analysts Stablecoin neobank Infini exploited for $49 million: security analysts
Wildcat, the decentralized credit platform built by Crypto Twitter mainstay Laurence Day, launches new version on Ethereum Wildcat, the decentralized credit platform built by Crypto Twitter mainstay Laurence Day, launches new version on Ethereum
Latest News More More
17 Hours Ago 0xbow unveils ‘Privacy Pools,’ a new blockchain privacy tool drawing from Vitalik Buterin’s research
5 Days Ago Ethereum edges closer to deploying Pectra on mainnet with successful upgrade on Hoodi testnet
6 Days Ago MEXC Extends DEX+ Platform to Binance Smart Chain Users
March 25 Binance suspends employee for allegedly profiting off of insider information
March 25 BlackRock launches bitcoin ETP in Europe following US success
delate
Use TokenInsight App All Crypto Insights Are In Your Hands
Open