wp-plugin-hostgator domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114ol-scrapes domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114Source: https:\/\/www.theverge.com\/2022\/8\/4\/23291180\/solana-cryptocurrency-slope-phantom-wallet-theft-supply-chain-attack<\/a> Earlier this week, thousands of crypto wallets connected to the Solana ecosystem were drained by attackers<\/a> who used owners\u2019 private keys to steal both Solana (SOL) and USD Coin (USDC). Solana now says that, after an investigation \u201cby developers, ecosystem teams, and security auditors,\u201d it\u2019s linked the attack to accounts tied to the Slope mobile wallet app.<\/p>\n A chart set up on Dune<\/a> to track the attacks tallies the amount of crypto stolen at just over $4 million, taken from over 9,000 unique wallets.<\/p>\n Slope Finance, which calls itself \u201cthe easiest way to discover web3 applications from one secure place,\u201d has issued a statement<\/a> advising all Slope users to create \u201ca new and unique seed phrase wallet, and transfer all assets to this new wallet.\u201d The blog post says \u201cmany\u201d wallets belonging to Slope staff were also drained but notes that hardware wallets (also known as cold wallets, which are not connected to the internet) were unaffected.<\/p>\n This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure.<\/p>\n While the details of exactly how this occurred are still under investigation, but private key information was inadvertently transmitted to an application monitoring service. 2\/3<\/p>\n \u2014 Solana Status (@SolanaStatus) August 3, 2022<\/a>\n<\/p><\/blockquote>\n<\/div>\n Slope did not provide details of how the attack happened, but outsiders have uncovered evidence that the company\u2019s mobile apps were transmitting users\u2019 private keys<\/a> unencrypted as part of their logging and telemetry. <\/p>\n In a tweet<\/a>, the Solana group said, \u201cThe details of exactly how this occurred are still under investigation, but private key information was inadvertently transmitted to an application monitoring service.\u201d The company added: \u201cThere is no evidence the Solana protocol or its cryptography was compromised.\u201d<\/p>\n Some Solana users keeping funds on wallets operated by third-party Phantom were also affected, but Phantom itself has placed blame for the breach firmly at Slope\u2019s doorstep.<\/p>\n \u201cPhantom has reason to believe that the reported exploits are due to complications related to importing accounts to and from @slope_finance<\/a>,\u201d the company tweeted<\/a>. \u201cIn the meantime, if any Phantom users have also installed other wallets, we recommend you try to move your assets to a new non-Slope wallet with a fresh seed phrase.\u201d<\/p>\n<\/div>\n
\n
<\/br><\/code><\/p>\n\n