The Solana team has debunked rumors about its connection to the hack on Slope finance. The team, via a blog post, revealed that the attack didn’t manifest as a protocol-level vulnerability. Consequently, the Solana team established that no core code or anything relating to its protocol suffered the attack.
Recall that Slope Finance became the latest victim of a malicious attack that took place last week. The attacker(s) had enough time to carry out the mischievous attack as they looted the platform for over four hours. The attack affected about 9,231 wallets claiming Solana and Ethereum tokens worth about $4.1 million.
However, immediately after the attack, rumors emanated that the Solana protocol had been breached. Then, the Solana team assured the protocol’s safety, promising to investigate the issue. With the completion of its findings, the team has thoroughly debunked that its protocol didn’t suffer any attack.
Additionally, the Solana team indicated that drained-wallets from the Slope hack were compromised via their private key. According to the blog post, On-chain transactions indicated that hackers used their (User) private keys to authorize the transactions. Thus, gaining access to loot their funds.
Solana added that findings by security auditors revealed that the wallets were either created or imported into the IOS and Android version of Slope wallet. Therefore, transmitting users’ data, including their private key to a monitoring platform. Though, Solana admitted that how the hacker(s) huddled the data remain unknown at the moment.
Other Developments On The Slope Hack
Furthermore, the Solana team disclosed that any hardware wallets didn’t suffer the Slope Hack. Also, other wallets that didn’t suffer the attack include the ones gained via seed phrases, but Slope wallets haven’t used them. The team added only those who imported their seed phrase into Slope suffered the attack.
Recall that last week after the attack, Slope Finance offered a 10% bounty for the hackers. The team made the revelation via a Tweet, releasing a wallet for the hacker to repay the stolen funds. Slope indicated that it wouldn’t pursue any legal action against the hacker if they return the funds.
Via the post, the firm emphasized how it’s working to ensure that it recovers the funds. Then, Slope admitted that it’s working with numerous organizations to track the hackers. Meanwhile, the hackers didn’t take the offer despite the team giving them a 24 hours ultimatum.