Exploring the “slope” factor in Solana exploits with Nomad update

Solana was the victim of a $6 million robbery clear More than 8,000 wallets were snapped up in the early hours of August 3.The vulnerability occurred a day after the construction of the cross-chain bridge Nomad lost Another hack hit $190 million.

However, after some investigation, the Solana hack has an update. According to Solana blockchain developers, the vulnerability was due to an oversight by web3 wallet provider Slope Wallet.

Why “Slope Zone”

According to the statement, Solana’s ecosystem is not responsible for the loss. The Solana Foundation clearly identified Slope as most of the affected wallets were associated with it.

In response, the Slope team also Admission It has drained a lot of wallets due to hacking.Likewise, the Phantom Wallet comfirmed Solana’s findings left some users affected by the hack.

Based on the findings, the Solana Foundation noted that the Slope wallet may have hosted users’ private keys on a centralized server. also, Report Mentioned from other corners that the hacker may have gained access to the user’s wallet.

Hot wallet only

In another related development, Solana CEO Anatoly Yakovenko earlier linked Take advantage of supply chain issues. However, its communications director, Austin Fedora, disclose This is not the case in subsequent updates.

Federer tweeted,

“It appears to affect desktop wallets, mobile wallets, active wallets, and wallets that have only received one transaction. If this is a supply chain attack against all of these users, it’s pretty scary for all web3s”

Additionally, he suggested that users who still have assets in the Slope wallet can transfer them to a secure hard wallet.

At press time, Solana confirmed that an investigation was still ongoing to find the perpetrators.

But what happened to the nomads?

According to Nomad’s exploit, some progress has been made. Earlier, hackers returned about $9 million to the bridge.

Then they spent another $3.8 million in USDC, ETH, and USDT, especially after Nomad publicly requested returns. However, the Nomad hacker does not appear to return all exported funds.

According to blockchain security firm PeckShield, hackers have been laundering parts of it by sending it from one wallet to another.

Source link

Leave a Reply

Your email address will not be published.