Note: The Security Team at FYEO will continue to investigate the situation and will update this blog and Twitter as new information becomes available.
Updated: August 4th,16:55 EST
On Aug 3, 2022, it became apparent that most of the users targeted by this vulnerability had, in some form or other, been in contact with the Slope Wallet app. Repeatedly, user interviews and analyst investigations pointed to this commonality and a separate investigation seems to have verified Slope Wallet as the likely culprit, though it has yet to be confirmed by the Solana Community and Security Researchers.
A pentester in the task force investigating the Slope Wallet app uncovered something very disturbing. The Slope Wallet app phones home to a sentry.io server to report all interactions with the app. This procedure is a normal DevOps functionality to enable early detection of errors or bugs in an application by reporting back normal and abnormal behavior to the developers. In an application that keeps financial or PII data, this is not considered best practice due to the ease with which a misconfiguration could leak information you don’t want to make public, like passwords or private keys.
In this case, it was even worse. Every time someone imported a wallet to the Slope Wallet, the key phrase, the words you use to recreate the private key, was logged and sent to a remote server. This action even happened if you opened the app and didn’t interact with it. The result was that your seed phrase, the most secret thing you can have in the Web3 context, was uploaded and stored in plain text on a server. That server log was likely somehow downloaded and used as a way of recreating every logged account and using that recreated private key to empty every user account in that logfile. At this time, over 9000 accounts have been exploited.
What can you do if you have not been targeted… yet?
Well, as the address you are using must now be deemed compromised, you should quickly create a new account with a completely different wallet application. You might even consider a hardware wallet or creating a custodial account at one of the big exchanges. Transfer all your funds from the compromised account to the newly created account as soon as possible. Then, throw the old account away and never use it again.
The FYEO team is continuously monitoring and supporting the effort to get to the bottom of this very troublesome exploit as more details are uncovered. This hack again shows that human error is a great threat to all of us and further bolsters the importance of pentesting, code reviews, and basic cybersecurity best practices, like encryption of all private information in transit and at rest. Even if an application has a large user base and, thus, seems secure, automation of DevOps without fully understanding the consequences of an action, or inaction, can have very expensive repercussions.
Updated: 15:02 EST
On August, 2, 2022 around 23:30 UTC, some reports of wallets being drained were brought to the attention of a group of security researchers in the Solana community.
According to an analysis done on SolScan, as of 15:47 UTC on the following day, there is currently more than $6.5M USD stolen across more than 15,200 wallets. The bulk of the funds stolen were in USDC and SOL, although a variety of other tokens were drained from wallets as well.
In our blog post, we assume familiarity with blockchains and self-custodial wallets. We also assume the basic concepts around consensus, cryptocurrency, and encryption.
The Discovery:
At first, the reason for wallets being drained was unclear. It was also unclear whether or not this was only compromising wallets on Solana, or other chains such as Ethereum as there were reports around additional wallets like TrustWallet or Metamask having their funds drained. A group of security firms and independent researchers began eliminating possibilities by analyzing wallets and transactions, testing possible scenarios, and surveying victims of the exploit. From the initial discussions, research teams were able to eliminate any scenarios around exploits regarding approvals, durable nonce transactions, or key generation cryptography (Source).
The Hack:
The identified wallets that the hacker used were:
Some possible hypotheses on how the exploit is being executed: supply chain attack, multi-pronged attack, or low entropy key generation. Additionally, some wallets have been drained without any prior application approval interactions. So far, the only guaranteed way to avoid having your wallet compromised is by utilizing a hardware wallet.
Aftermath:
The story is still slowly evolving. Additional factors around the exploit, such as which blockchain ecosystems, which wallet providers, or which tokens are impacted is still to be uncovered. While this story is not completely finished, we may assume that a large portion of the exploit has subsided and that we are close to discovering the root cause.
We conclude that blockchain is not inherently secure, nor are the applications and infrastructure that supports it. It is vital for teams to have the security of their applications audited, especially smart contracts. Contact FYEO if you need assistance in securing your application..