Following the Solana wallet attack, the Solana Status team updated the public and detailed that the wallet addresses affected by the breach were tied to Slope mobile wallet applications. The team further stressed that “there is no evidence the Solana protocol or its cryptography was compromised.”
Solana Status Report Says Affected Addresses Were at One Point Created in Slope Mobile Wallet Applications
During the last 48 hours, the Solana team has been dealing with an attack that saw thousands of Solana-based wallets compromised. At the time, Solana Labs co-founder and CEO Anatoly Yakovenko thought the exploit possibly stemmed from a supply chain attack. He explained that iOS and Android wallets were affected when he said: “most of the reports are Slope, but a few Phantom users as well.”
On August 3, 2022, the Solana Status Twitter account explained that the addresses affected in the hack were tethered to Slope mobile wallet applications. “After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications,” Solana Status wrote. “This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.” Solana Status said:
While the details of exactly how this occurred are still under investigation, private key information was inadvertently transmitted to an application monitoring service. There is no evidence the Solana protocol or its cryptography was compromised.
Slope Finance published an official statement from the wallet team and breach details are vague. Slope said “A cohort of Slope wallets were compromised in the breach, we have some hypotheses as to the nature of the breach, but nothing is yet firm, [and] we feel the community’s pain, and we were not immune. Many of our own staff and founders’ wallets were drained.” Slope also added that the team was actively conducting internal investigations and audits, while working with security and audit groups.
Security Experts Say Slope’s Seed Phrases Were Logged in Readable Plaintext
During the official statement, the Slope team further recommended that Slope wallet users “create a new and unique seed phrase wallet, and transfer all assets to this new wallet.” Slope added:
If you are using a hardware wallet, your keys have not been compromised.
Data from Dune Analytics shows that there were more unique addresses that were affected by the breach than initially reported. Statistics show that 9,223 unique addresses suffered from the bug and $4,088,121 in crypto was stolen. Most of the assets hacked were made up of solana (SOL) and SOL-based USDC.
It is being said that Slope’s mnemonic seed phrases transferred to Slope’s server were logged in readable text. The Slope wallet team allegedly stored the mnemonics in debug logging software via a centralized Sentry server. Security experts at Ottersec detailed that “anybody with access to Sentry could access [a] user’s private keys.” Ottersec also noted that the Slope team was “very helpful in sharing data related to the hack.”
Tags in this story
What do you think about the issues with Slope wallet and the recent exploit that affected Solana users? Let us know your thoughts about this subject in the comments section below.
Jamie Redman is the News Lead at Bitcoin.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 5,700 articles for Bitcoin.com News about the disruptive protocols emerging today.
Image Credits: Shutterstock, Pixabay, Wiki Commons
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.
Bitcoin (BTC) Nearly Taps $25,000 Level For the First Time Since June
Bitcoin (BTC) is showing several bullish signs in the daily time frame but has yet to break out from a short-term corrective pattern.
Bitcoin has been moving upwards since reaching a long-term low of $17,622 on June 18. On July 19, it broke out from a long-term descending resistance line, which had been in place since the end of March.
On Aug. 11, BTC reached a local high of $24,918, which was the highest since June 12. However, it failed to sustain this increase and created a long upper wick in its daily candlestick (red icon).
If the upward movement continues, the closest resistance area would be found at $29,370. This target is the 0.382 Fib retracement resistance level.
An interesting reading comes from the daily RSI, which moved above 50 at the same time which the price broke out from the descending resistance line.
Since then, the RSI has created an ascending triangle (dashed), which is often considered a bullish pattern. The indicator is currently at 61, right at the resistance line of this pattern.
Therefore, a breakout above it would likely also cause the price to accelerate upwards.
Short-term BTC pattern
Despite the relative bullishness from the daily time frame, the six-hour chart shows that BTC has been trading inside an ascending parallel channel since the June 18 bottom. Such channels usually contain corrective patterns, meaning that an eventual breakdown from it would be expected.
Moreover, the price has created what resembles an even shorter-term double top (red icons), which is considered a bearish pattern made at the resistance line of the channel.
On Aug. 9 (green circle), the price rebounded from the midline of this channel and at a short-term ascending support line.
So, whether BTC breaks out from the channel or breaks down from the support line will likely determine the direction of the future trend.
Wave count analysis
The main wave count indicates that BTC is likely in wave three of a five-wave upward move (black). The sub-wave count is shown in yellow, and also suggests that the price is in wave three. So, this seems to be a 1-2/1-2 wave formation. If correct, it would mean that the upward move will accelerate in the near future.
In order for the count to remain correct, Bitcoin has to hold on above the slope of the original 1-2 (black).
The most likely long-term wave count is also bullish, aligning with the proposed short-term count.
For Be[in]Crypto’s previous Bitcoin (BTC) analysis, click here
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Binance recovers the majority of funds stolen from Curve Finance
Binance recovered and froze around $450,000 worth of the stolen assets, which is around 80 percent of the stolen funds.
377 Total views
31 Total shares
Crypto exchange Binance has recovered a big part of the funds from the recent hack that targeted the decentralized finance (DeFi) protocol Curve Finance.
In a tweet, Binance CEO Changpeng Zhao announced that the exchange has frozen and recovered $450,000 of the stolen assets, which is more than 80 percent of the stolen funds. According to Zhao, the hacker tried to send the funds to the exchange in various ways but was detected by Binance. The exchange is currently working to return the funds to their rightful owners.
The Curve Finance team detected the hack on Tuesday and alerted their users to refrain from using their website. An hour after the warning, the team announced that it was able to find and resolve the issue. However, the attackers were still able to hijack around $537,000 worth of USD Coin (USDC) before the issue was resolved.
According to experts from the blockchain analytics firm Elliptic, a hacker compromised the domain name system (DNS) of Curve Finance, which ended with malicious transactions getting signed. The experts told Cointelegraph that the funds were then sent to various exchanges and crypto mixers in an attempt to hide the trail. In the end, the funds were sent to Binance and were caught by its team.
This is not the first time this week that the good actors in the crypto community have worked to return stolen funds. On Monday, whitehat hackers and researchers returned an estimated $32.6 million worth of USDC, Tether (USDT) and other altcoins to Nomad, following the recent $190 million exploit.
The Curve Finance exploit is only one of the many attacks that happened in 2022. According to analytics firm Chainalysis, $2 billion worth of funds were drained because of cross-chain bridge hacks. This is 69% of the overall stolen amount in the year.
Institutional staking won’t take off unless asset lock-up solved: Coinbase CFO
Coinbase’s new institutional-focused staking product won’t be a “near-term phenomenon” while liquid staking is still being worked out.
1074 Total views
33 Total shares
Institutional staking of crypto assets, including the post-Merge Ethereum, could become a “phenomenon” in the future, but not while their assets still need to be “locked up.”
Speaking during a Q2 earnings call on Tuesday, chief financial officer Alesia Haas noted that she didn’t expect their new exclusive institutional staking service, rolled out in Q2, to be a “near-term phenomenon” until a “truly liquid staking option” is available:
“This is the first time we had the products available. Previously, the way that institutions could have access to staking is via Coinbase Cloud […] But offering it as the delegated staking service similar to what we have for retail customers.”
However, Haas said it was still “early days” for their new staking service, adding they’ll likely only see a “real material impact” when they have created a liquid staking option for post-Merge Ethereum, also known as Eth2.
Liquid staking is the process of locking up funds to earn staking rewards, while still having access to the funds.
Haas explained that many financial institutions “don’t want their assets held indefinitely:”
“So when you stake ETH2 you are locking in your assets into Ethereum until the Merge and then some period after. For some institutions, that liquidity lock-up is not palatable to them. And so, while they may be interested in staking, they want to have staking on a liquid asset.”
Haas reaffirmed this issue is “something we are looking to solve,” and added that once this liquid staking is available for financial institutions that can pool in funds at higher proportions, “we’ll see the real material impact of institutional revenue.”
Investors and institutions have been able to access Coinbase’s delegated staking service through Coinbase Prime, which was first launched in Sep. 2021. The platform also offers other integrated services, such as access to a custody wallet with enhanced security, real-time crypto market data and analytics, and other crypto-native features like decentralized governance.
Huobi Founder Keen On Selling Majority Of His Stake At $3 Billion Value: Report
Robinhood To Face US Market Manipulation Claims Over “Meme Stock” Rally : Reuters Report
Ethereum Merge Tentative Date Is Set And It’s Sooner Than You Think
Binance Labs Invests in Cross-Chain Staking Protocol Ankr After $500 Million Web3 Fund
$10 Trillion Asset Manager BlackRock Unveils Bitcoin Spot Exposure Via Private Trust
‘Continue to ebb and flow over time’: Denny’s chief brand officer on how consumers’ moods inform brand messaging
Bitcoin hits $45K ahead of July inflation report, but one fractal hints at looming correction
Smart Marketing Token (SMT) Is on a Mission to Help Blockchain Projects Reach Their Goals
Identity management org Sailpoint unveils no-code tool
Japan crypto exchange bitbank upgrades performance of its matching engine by 4x
Bit Coin3 months ago
An Anime Action Adventure: YOANN․IO Seed Launch on KICK․IO
Bit Coin3 months ago
Miami and New York City coins tank despite Mayoral endorsements
Bit Coin3 months ago
Swiss think tank urges greater global cooperation on crypto regulation
Bit Coin3 months ago
Sequel to Iconic RPG Ni No Kuni to Feature NFT Integration and Play-to-Earn Mechanics
Tech3 months ago
Acer Nitro XV272 review: Top-tier gaming on a 1080p monitor
Ethereum2 months ago
Do Kwon Denies Terra 2.0 Has ‘Ninja’ Code that Enforces Vesting of Tokens, Says it Was Clarified in Proposal 1623
Bit Coin3 months ago
Aave Launches Social Media Project Lens Protocol With Over 50 Apps Built on Polygon
Tech3 months ago
Media Buying Briefing: Four takeaways on Upfront Week from a buyer’s perspective