The Solana hack that led to the theft of over $5 million dollars was the result of a leak of seed phrases (or mnemonic phrases), a group of random words that are used to help users access or recover their cryptocurrency wallet, by a wallet made by Slope Finance.
Users that want to interact with various blockchains typically create what are called hot wallets, which can be easily accessed through browser extensions or mobile and desktop applications. As part of its application’s logging functionality, Slope Finance stored users’ seed phrases in plaintext within these logs, which has been determined to be the source of the breach. Users that created wallets using Slope Wallet or imported their wallets into Slope from other wallets like Phantom, have been affected.
Anyone that possesses a seed phrase or mnemonic phrase can assume control of users’ cryptocurrency and NFTs, which is why conventional advice to never share your seed phrase is so prominent. Unfortunately in this instance, users weren’t at fault and the plaintext storage of their seed phrases is what led to the theft of their funds.
For cryptocurrency enthusiasts looking to interact with various blockchains, we strongly advise doing your own research to verify if a project has conducted any third-party audits or pentesting of their applications or infrastructure before trusting your funds to these applications. Additionally, users are strongly encouraged to consider using a cold wallet, which includes hardware wallets, paper wallets, or offline USB/CD wallets that are not as easily accessible, to store their cryptocurrencies for the long term. – Satnam Narang, Sr. Staff Research Engineer, Tenable