Blockchain auditors have suggested that a massive $4 million hack on multiple cryptocurrency wallet providers was caused by a misconfiguration in a widely used event logging technology.
Solana (SOL) and USD Coin (USDC) cryptocurrency tokens were among those stolen from Slope wallets by an unknown attacker, after the wallets were found to have leaked seed phrases in cleartext.
Seed phrases are randomly generated strings of words used to generate cryptocurrency wallets. They are supposed to be secure, and only the owners should know what these strings are.
Blockchain auditors Zellic and OtterSec both released the results of their respective investigations, which are still ongoing, with both focusing on the Slope wallet. They concluded that the problem stemmed from a misconfiguration in Sentry.
Sentry is an event logging platform used by many industry websites and mobile apps, including Slope Wallet for iOS and Android. Other affected wallets include Phantom, Solflare, and TrustWallet.
Zellic stated that “any in-app interaction would trigger an event log. Unfortunately, Slope hasn’t configured Sentry to sanitize sensitive information. By doing so, [the seed phrases] have been communicated to Sentry.”
Anyone with access to Sentry can access users’ private keys, OtterSec said, allowing them to recover wallets that do not belong to them and transfer tokens to their own wallet.
Zellic’s analysis revealed that Slope had only been using Sentry for a week before the breach was confirmed.
It also said that data that doesn’t need to be sent to Sentry can be scrubbed via the platform’s SDK or via server-side scrubbing.
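As an added illustration (not code from Slope, Zellic, OtterSec or Sentry), SDK-side scrubbing of the kind described above can be written as a function with the shape of the Sentry Python SDK's `before_send` callback. The key names, the mnemonic heuristic and the sample event are assumptions constructed for this example.

```python
import re

# Key names whose values are never sent. Assumed names for this example.
SENSITIVE_KEYS = {"mnemonic", "seed", "seed_phrase", "private_key", "secret_key"}
REDACTED = "[Filtered]"

# Heuristic: 12, 15, 18, 21 or 24 lowercase words of 3-8 letters (BIP-39 shape).
# A stricter check would test each word against the BIP-39 wordlist.
WORD = r"[a-z]{3,8}"
MNEMONIC_RE = re.compile(
    r"\b(?:%s\s+){11}(?:(?:%s\s+){3}){0,4}%s\b" % (WORD, WORD, WORD)
)


def _scrub(value, key=None):
    """Return a copy of value with sensitive keys and mnemonic-like text redacted."""
    if key is not None and str(key).lower() in SENSITIVE_KEYS:
        return REDACTED
    if isinstance(value, dict):
        return {k: _scrub(v, k) for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [_scrub(v) for v in value]
    if isinstance(value, str):
        return MNEMONIC_RE.sub(REDACTED, value)
    return value


def before_send(event, hint):
    """Same signature as the callback passed to sentry_sdk.init(before_send=...)."""
    return _scrub(event)


# Constructed sample data: a made-up 12-word phrase and a made-up event.
PHRASE = "alpha bravo charlie delta echo foxtrot golf hotel india juliet kilo lima"
SAMPLE_EVENT = {
    "message": "wallet import ok: " + PHRASE,
    "extra": {"mnemonic": PHRASE, "screen": "ImportWallet"},
    "breadcrumbs": {"values": [{"category": "http",
                                "data": {"body": "phrase=" + PHRASE}}]},
}

if __name__ == "__main__":
    print(before_send(SAMPLE_EVENT, {}))
```

The heuristic errs toward over-redaction: any run of twelve short lowercase words is filtered, which is the safer failure mode for a wallet app.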
Slope said many wallets belonging to its founders and staff were also drained in the attack.
OtterSec has been working with Slope since the start of the attack on Tuesday night, with Slope providing logs to the auditor dating back to July 28.
There are concerns about a discrepancy between the addresses of wallets confirmed to be affected by the hack and those present in Slope’s logs, OtterSec said.
“About 1,400 of the exploit addresses were in the Sentry logs. Notably, this doesn’t take into account all compromised addresses,” OtterSec said.
“Over 5,300 private keys were found in the Sentry instance that were not part of the exploit. 2,358 of those addresses contain tokens,” it added.
The findings suggest that there are thousands of additional wallets that contain cryptocurrency tokens and may currently be vulnerable to further attacks by as-yet-unknown hackers.
Owners of a Slope Wallet are strongly advised to transfer all tokens to another storage method as soon as possible, such as a hardware ledger or centralized exchange.
“We actively conduct internal investigations and audits, collaborating with leading external security and auditing groups,” Slope said in an official statement.
“We work with developers, security and protocol experts across the ecosystem to identify and resolve [the situation].
“We are still actively diagnosing and are committed to publishing a complete post mortem, regaining your trust and making it as fair as possible.”
As of Wednesday, more than 9,000 wallets had been emptied, and the number is increasing.
Solana said it was conducting its own investigation into the incident, but “there is no evidence that the Solana protocol or its encryption has been compromised.”
Numerous industry-wide investigations are still ongoing and more findings are likely to be revealed as they continue.