Solana was the victim of a $6 million robbery clear More than 8,000 wallets were snapped up in the early hours of August 3.The vulnerability occurred a day after the construction of the cross-chain bridge Nomad lost Another hack hit $190 million.
However, after some investigation, the Solana hack has an update. According to Solana blockchain developers, the vulnerability was due to an oversight by web3 wallet provider Slope Wallet.
After investigation by developers, the ecosystem team, and security auditors, the affected addresses appear to have been created, imported, or used in the Slope mobile wallet application. 1/2
— Solana Status (@SolanaStatus) August 3, 2022
Why “Slope Zone”
According to the statement, Solana’s ecosystem is not responsible for the loss. The Solana Foundation clearly identified Slope as most of the affected wallets were associated with it.
Based on the findings, the Solana Foundation noted that the Slope wallet may have hosted users’ private keys on a centralized server. also, Report Mentioned from other corners that the hacker may have gained access to the user’s wallet.
Hot wallet only
In another related development, Solana CEO Anatoly Yakovenko earlier linked Take advantage of supply chain issues. However, its communications director, Austin Fedora, disclose This is not the case in subsequent updates.
“It appears to affect desktop wallets, mobile wallets, active wallets, and wallets that have only received one transaction. If this is a supply chain attack against all of these users, it’s pretty scary for all web3s”
Additionally, he suggested that users who still have assets in the Slope wallet can transfer them to a secure hard wallet.
At press time, Solana confirmed that an investigation was still ongoing to find the perpetrators.
But what happened to the nomads?
According to Nomad’s exploit, some progress has been made. Earlier, hackers returned about $9 million to the bridge.
#PeckShieldAlert PeckShield detects $9 million has been returned @nomadxyz_ Funds recovery address, including 100 $ETH (~$164k) address from ENS name bitliq.eth, ~3.78 million dollar dollar~2m $USDT~15.8m $CQT (approximately $1.38 million), approximately $1.2 million $FRAX (approximately $1.2 million), 200 $WETH (~328k), ~150k $DAI and many more. pic.twitter.com/Bpyjt7jnek
— PeckShieldAlert (@PeckShieldAlert) August 3, 2022
Then they spent another $3.8 million in USDC, ETH, and USDT, especially after Nomad publicly requested returns. However, the Nomad hacker does not appear to return all exported funds.
According to blockchain security firm PeckShield, hackers have been laundering parts of it by sending it from one wallet to another.
.@RariCapital exploiter transfer ~2 $ETH to 0x72ccbb and 0x76f455 (1 $ETH/address) is used to pay gas fees associated with related transactions @nomadxyz_ develop, @RariCapital (Arbitrum) The exploiter got about $3 million, and 0x72ccbb and 0x76f45555 got about $2 million in the exploit. pic.twitter.com/aOpeACWHq4
— PeckShieldAlert (@PeckShieldAlert) August 4, 2022