Experts find private keys on Slope servers, still puzzled over access

Blockchain analysis firms involved in Solana exploit investigation unpack the latest developments as teams try to figure out how private keys were stolen.

Blockchain auditing firms are still trying to figure out how hackers gained access to about 8,000 private keys used to drain Solana-based wallets. 

Investigations are ongoing after attackers managed to steal some $5 million worth of SOL and SPL tokens on Aug. 3. Ecosystem participants and security firms are assisting in uncovering the intricacies of the event.

Solana has worked closely with Phantom and Slope.Finance, the two SOL wallet providers that had user accounts affected by the exploits. It has since emerged that some of the private keys that were compromised were directly tied to Slope.

Blockchain audit and security firms Otter Security and SlowMist assisted in ongoing investigations and unpacked their findings in direct correspondence with Cointelegraph.

Otter Security founder Robert Chen shared insights from first-hand access to affected resources in collaboration with Solana and Slope. Chen confirmed that a subset of affected wallets had private keys which were present on Slope’s Sentry logging servers in plaintext:

“The working theory is that an attacker somehow exfiltrated these logs and was able to use this to compromise the users. This is still an ongoing investigation, and current evidence does not explain all of the compromised accounts.”

Chen also told Cointelegraph that some 5,300 private keys which were not a part of the exploit were found in the Sentry instance. Nearly half of these addresses still have tokens in them – with users urged to move funds if they have not done so already.

The SlowMist team came to a similar conclusion after being invited to analyze the exploit by Slope. The team also noted that the Sentry service of Slope Wallet collected the user’s mnemonic phrase and private key and sent it to o7e.slope.finance. Once again, SlowMist could not find any evidence explaining how the credentials were stolen.
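An added illustration, not code from Slope, Sentry or the firms quoted: a client-side scrubbing hook of the kind that keeps mnemonics and private keys out of error-reporting events before they leave the device. The field names, regex heuristics and sample event are assumptions constructed for this example; the function has the `(event, hint)` shape that Sentry SDKs accept as `before_send`.

```python
import re

# Assumed field names that must never be reported; extend per application.
SENSITIVE_KEYS = re.compile(r"mnemonic|seed|private[_-]?key|secret", re.I)
# A 64-byte Solana secret key is 87-88 characters when base58-encoded.
BASE58_SECRET = re.compile(r"\b[1-9A-HJ-NP-Za-km-z]{87,88}\b")
# Heuristic for seed phrases: 12+ short lowercase words in a row.
# Deliberately over-redacts; losing a log sentence is cheaper than leaking a key.
WORD_RUN = re.compile(r"\b[a-z]{3,8}(?: [a-z]{3,8}){11,}\b")
REDACTED = "[REDACTED]"

def scrub(value):
    """Recursively redact secrets by field name and by value pattern."""
    if isinstance(value, dict):
        return {k: REDACTED if SENSITIVE_KEYS.search(str(k)) else scrub(v)
                for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [scrub(v) for v in value]
    if isinstance(value, str):
        return WORD_RUN.sub(REDACTED, BASE58_SECRET.sub(REDACTED, value))
    return value

def before_send(event, hint=None):
    """Return the scrubbed event; Sentry SDKs send whatever this hook returns."""
    return scrub(event)

# Constructed sample event; the phrase and key below are placeholders.
PHRASE = " ".join(["abandon"] * 11 + ["about"])
SAMPLE_EVENT = {
    "message": "import wallet failed",
    "extra": {"mnemonic": PHRASE, "wallet_count": 2},
    "breadcrumbs": [
        {"message": "restore phrase: " + PHRASE},
        {"message": "key=" + "5" * 88},
    ],
}

if __name__ == "__main__":
    print(before_send(SAMPLE_EVENT))
```

Scrubbing by field name alone would miss the two breadcrumb entries, which is why the hook also matches on value shape.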

Cointelegraph also reached out to Chainalysis, which confirmed that it was carrying out blockchain analysis on the incident after sharing initial findings online. The blockchain analysis firm also noted that the exploit mainly affected users that had imported accounts to or from Slope.Finance.

While the incident absolves Solana from bearing the brunt of the exploit, the situation has highlighted the need for security audits of wallet providers. SlowMist recommended that wallets be audited by multiple security companies before release and called for open source development to increase security.

Chen said that some wallet providers had “flown under the radar” when it came to security when compared to decentralized applications. He hopes to see the incident shift user sentiment toward expecting wallets to be validated by external security partners.
