Slope Wallet is allegedly connected to the most recent Solana hack

Solana’s mobile wallet Slope is blamed to be responsible for ongoing security exploit that has so far drained about $6 million worth of crypto assets from more than 10,000 hot wallets including Phantom and Trust.

Yesterday, Solana shared preliminary findings of their investigation on Twitter where the Slope wallet provider has been identified as a primary suspect in the breach. “It appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications,” the Twitter post reads.

According to the Solana team, the root cause of the attack was an accidental leak of hot wallets' private keys to a third party. It is also claimed that there was "no evidence to suggest the Solana protocol or its cryptography was at risk from the attack".

After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications. 1/2
— Solana Status (@SolanaStatus) August 3, 2022

Shortly after, Slope issued a statement acknowledging that “a cohort of Slope wallets were compromised in the breach” and recommended its users to create a “new and unique seed phrase wallet” and transfer all assets there as old hot wallets could fall under risk later on.

According to crypto researcher @0xfoobar, this attack happened not due to Slope’s coding error, but because hackers gained access to wallets seed phrases that Slope logged into its centralized servers.

Correction - the Slope wallet did not send seed phrases to external partners, but may have logged them on their own centralized servers. Apologies for getting a bit ahead of myself, postmortem still in progress. Wait for an announcement from the team for true confirmation.
— foobar (@0xfoobar) August 3, 2022