The Solana hack from August 2nd resulted in over $4.5M in losses for Phantom wallet users, and Slope Mobile Wallet is now in hot water.
Popular mobile wallet Slope Finance has now been identified as the breach point for those that were affected by the hack. The Solana team released a full statement thread on Twitter.
After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications. 1/2
— Solana Status (@SolanaStatus) August 3, 2022
Solana’s team also confirmed that there was no evidence the Solana protocol was compromised.
Slope Finance released a full statement through Twitter, detailing what they know so far and issuing an apology to users affected by the hack.
“We are still actively diagnosing, and are committed to publishing a full post mortem, earning back your trust, and making this as right as we can.” – Slope Finance
Unfortunately, Slope confirmed in this post that they have yet to diagnose the nature of the breach. The team is working overtime currently to find the source so that it can be patched promptly.
According to Slope, even some founders and team members at their company personally had their wallets drained as well. Slope has urged all customers who have not been affected to protect themselves by creating a new and unique wallet and transferring all assets to it.
This widespread breach has once again brought to light the importance of using a cold wallet over anything else to protect yourself.
Cold storage or “hardware” wallets are physical drives that are a private key of their own. The most used company for cold wallets right now is called Ledger, and if you would like to pick one up to protect your assets you can do so here.