Solana: Affected wallets of the vulnerability were users of Slope mobile wallet applications

[

‘After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications.’

[ if you believe that your Solana wallet has interacted with applications by slope, it is probably advisable to send any unaffected funds (so far) to a new wallet that was not interacted by slope apps in anyway, or even better to a hardware wallet where each tx must be confirmed by a physical device.

​

​

[Private keys and mnemonic decrypted as shown above \^](

​

​

[Total statistics of vulnerability \(Tristan0x\)](

​

​

Hacker’s Wallet 1: [

Hacker’s Wallet 2: [

Hacker’s Wallet 3: [

Hacker’s Wallet 4: [

View Source

22 thoughts on “Solana: Affected wallets of the vulnerability were users of Slope mobile wallet applications”

  1. I read somewhere that Slope was sending the seed phrases of users to their servers. This is really shady. Why do they need the private keys of the users?

    Reply
  2. I’ve never had a slope wallet (nor phantom) and never interacted with any dapps besides lido. Does this mean i can move my SOL and eth tokens back to trust wallet?

    Reply
  3. So once again, the culprit was exposure of private keys to a “trusted” third party and the old adage of “Not your keys, not your crypto” rings ever true.

    And here I was expecting something worse.

    Reply
  4. This is a bit of a bummer for all of the people on this sub that were praying it was an issue with the Solana chain.

    Reply
  5. Here is a [Nitter link](https://nitter.net/SolanaStatus/status/1554921396408647680?t=3pfcLat1xFH56c16KaBCuA&s=19) for the Twitter thread linked above. Nitter is better for privacy and does not nag you for a login. More information can be found [here](https://nitter.net/about).

    *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/CryptoCurrency) if you have any questions or concerns.*

    Reply
  6. ” if you believe that your Solana wallet has interacted with applications by slope, it is probably advisable to send any unaffected funds (so far) to a new” blockchain

    Reply
  7. Everyone was blaming Solana yesterday. People here really need to learn something about softwares and programming in general.
    Such a rookie mistake by the slope team though.

    Reply
  8. I mean, investing in Solana should be seen as the first major red flag.

    42% given out to Venture Capitalists at a discount so they can dump on retail and to top it off – laugh about it. It’s almost approaching SafeMoon levels of disconnect.

    [Source](https://sensiblecryptoinvestor.com/2022/08/3-reasons-not-to-invest-in-solana/)

    Edit: oh and I mean disconnect in the context of mental function AND Solana foundation being able to just switch off and restart the chain as it pleases.

    Reply

Leave a Comment