The massive Solana wallet hack had occurred after centralized servers stored unencrypted seed phrases sent by Slope Wallet’s mobile app, making them visible to anyone with access to the server, showed a preliminary finding from blockchain audit firm OtterSec.
See related article: Solana blames Slope for exploit
About 15% of all the affected 9,223 wallets can be traced back to this vulnerability, said Solana-based wallet Slope, and investigators are also looking into how the rest of the wallets are affected.
The seed phrase is a group of words that allow access to a cryptocurrency wallet.
OtterSec also found over 5,300 addresses with private keys exposed but have not been breached, and that more than 2,000 addresses have tokens. Private keys are strings of 256 alphanumeric characters that also allow access crypto wallets.
Over the past two days, almost US$6 million in cryptocurrency has been drained and sent to four hacker addresses, according to blockchain explorer Solscan.
Slope has notified law enforcement agencies for a potential criminal investigation into the attacker.
See related article: After Nomad and Solana, ZB.com gets hacked for US$4.8 mln