The Solana team’s investigation into the hacking of thousands of cryptocurrency wallets found that the affected addresses were “at some point created, imported or used in Slope’s mobile apps”.
Solana developers had previously reported that the hack was not caused by a bug in the underlying blockchain code, but was related to software used by “several popular wallets”.
Solana Labs co-founder Anatoly Yakovenko wrote that anyone who has ever imported a Sid phrase into Slope could consider it compromised.
Slope said in a statement that a number of the project’s wallets have been compromised and the team is actively investigating the incident. The developers “have several hypotheses”, but did not give a specific reason for the hack.
Slope urged all users to create new wallets with different Sid phrases and transfer their assets to them.
Representatives of the Phantom project, whose customers were also affected by the hack, said they had “reason to believe” that the exploit was linked to Slope. They advised users to transfer their assets to new wallets from other providers.
Some experts point out that Slope may have stored users’ sid-phrases on its centralised servers, which have subsequently been compromised by attackers.
A Slope spokesman told CoinDesk that the team does not store “any personal data on a centralised server”. However, he later said the claim was incorrect.
The investigation is ongoing, Solana stressed.
Recall that in early August, unidentified individuals accessed the funds of some 8,000 Solana-based wallet holders and withdrew millions of dollars.