Solana Network Was Not Breached, Slope Wallet Blamed

“Private key information was inadvertently transmitted,” Solana Status tweeted

article-image

Source: Shutterstock

share

key takeaways

  • Investigations suggest private keys were exposed and transferred to third party
  • Slope recommended users to open a new Slope wallet with a new seed phrase and transfer any assets to the new wallet

Solana developers are distancing the protocol from a series of hacks that resulted in nearly 8,000 Solana wallets suddenly being emptied of their contents in the last 24 hours.

Solana Status, the blockchain’s hub for data and system performance, said “there is no evidence that the Solana protocol or its cryptography was compromised.” 

What exactly caused the hack, then, is up in the air, but it appears to have originated from a vulnerability in Solana hot wallets and assorted third-party extensions. The breach impacted millions of dollars of the blockchain’s native token, SOL, non-fungible tokens (NFTs) and Solana-based tokens, including the stablecoin USDC.

The breach appears to have affected addresses that “were at one point created, imported, or used in Slope [Finance] mobile wallet applications,” according to Solana Status.

That would isolate the incident to Slope accounts, and to an exploit in “private key information” that was “transmitted to an application monitoring service” or third party. 

Loading Tweet..

As such, seed phrases that Slope had access to could have exposed wallets to the unidentified hackers.

That appears to be why many Phantom wallets were also compromised, likely “due to complications related to importing accounts to and from a Slope wallet,” Phantom tweeted

Phantom also encouraged users to create a new non-Slope wallet with a fresh seed phrase to move their assets to, in response to a statement published by Slope.

Slope recommended users create a new wallet on its network with a corresponding, unique seed phrase, and transfer any assets to this new wallet. It also reiterated its commitment to “identify and rectify” the issue, but it has not “fully confirmed the nature of the breach.” 

Consensus points to Slope being able to store users’ encrypted private keys and seed phrases, decipher them as plain text and transfer them to their own centralized servers, as suggested by developer 0xfoobar.

Arthur Breitman, co-founder of Tezos, told Blockworks he believes there will likely be a bailout from venture capital firms and other asset managers, “even though this opens them up to unverifiable fraudulent claims.”

Anatoly Yakovenko, Solana Labs co-founder, tweeted that users ought to “order a ledger, setup a cold wallet!” 

Loading Tweet..

Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates.png

Research

Content Delivery Networks (CDNs) represent low-hanging fruit in a massive market ripe for Web3-driven disruption. The global CDN market was valued at ~$28B in 2024, and is projected to surpass $140B by 2034, (18.75% CAGR) underscoring the immense demand for efficient content delivery.

article-image

Long before BlackRock’s ETF, there was the Winklevoss Bitcoin Trust

article-image

Mainnet goes live with a 16-node federation, promising five-second block times, low fees and Bitcoin-native DeFi

article-image

Sponsored

WalletConnect Certified is not just a recognition program, it’s a movement to improve how users onboard, transact, and engage across the onchain ecosystem

article-image

In crypto investing, quantity has a quality all its own.

article-image

REX and Osprey prep to launch their Solana staking ETF