Security Firm SlowMist Shares Detailed Solana Hack Analysis

On August 3, 2022, a large-scale incident of currency theft occurred on Solana, and a large number of users “transferred SOL and SPL tokens without their knowledge,” the SlowMist team noted in their analysis of the incident.

The SlowMist security team “tracked and analyzed this incident, checked from on-chain behaviour to off-chain applications one by one and made new progress.”

The Slope wallet team invited the SlowMist security team to analyze and follow up.

After continuous follow-up and analysis, the data provided by the Solana foundation “shows that nearly 60% of the stolen users use the Phantom wallet, about 30% of the addresses use the Slope wallet, and the rest use the Trust wallet, etc., and both iOS and Android versions of the application are used.”

There are “corresponding victims, so [the team] began to focus on analyzing the possible risk points of wallet applications.”

When analyzing Slope Wallet (Android, Version: 2.2.2), SlowMist “found that Slope Wallet (Android, Version: 2.2.2) uses Sentry’s service.”

Sentry is “a widely used service; Sentry runs on ‘o7e.slope.finance’.”

The Sentry service collects sensitive data “such as mnemonics and private keys from Slope Wallet and send[s them] to ‘https://o7e.slope.finance/api/4/envelope/’ when creating a wallet.”

SlowMist continued “to analyze Slope Wallet, [and they] found that the sentry service in the package with Version: >=2.2.0 will collect the mnemonic and send the mnemonic to ‘o7e.slope.finance’, while [in] Version: 2.1.3 [they did] not find any obvious behavior of collecting mnemonics or private keys.”
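The leak described above is a telemetry SDK shipping whatever the app hands it, including a freshly generated mnemonic, to the crash-reporting endpoint. As an added example (not code from Slope, Phantom, Sentry or SlowMist), the following Python scrubber is shaped for the Sentry Python SDK’s `before_send` hook, which runs on the device before the envelope is sent; the key names and the mnemonic/keypair heuristics are assumptions for illustration, and the sample event is constructed.

```python
import re

# Keys whose values are secrets regardless of content (assumed names, not any SDK's).
SENSITIVE_KEYS = {"mnemonic", "seed", "seed_phrase", "private_key", "secret_key", "keypair"}
REDACTED = "[REDACTED]"

# BIP39 phrases are 12-24 lowercase words of 3-8 letters; this heuristic skips the
# 2048-word list and accepts an occasional false positive rather than ever leaking.
MNEMONIC_RE = re.compile(r"\b(?:[a-z]{3,8}\s+){11,23}[a-z]{3,8}\b")
# A 64-byte Solana keypair in base58 (about 87-88 chars) or a 32-byte hex secret.
SECRET_RE = re.compile(r"\b(?:[1-9A-HJ-NP-Za-km-z]{86,90}|[0-9a-fA-F]{64})\b")


def scrub(value, key=None):
    """Recursively redact secrets in the strings, dicts and lists of a Sentry event."""
    if key is not None and str(key).lower() in SENSITIVE_KEYS:
        return REDACTED
    if isinstance(value, str):
        return SECRET_RE.sub(REDACTED, MNEMONIC_RE.sub(REDACTED, value))
    if isinstance(value, dict):
        return {k: scrub(v, k) for k, v in value.items()}
    if isinstance(value, list):
        return [scrub(v) for v in value]
    return value


def before_send(event, hint=None):
    """Drop-in for sentry_sdk.init(before_send=before_send): the returned event is
    what reaches the /api/<project>/envelope/ endpoint, so secrets never leave."""
    return scrub(event)


if __name__ == "__main__":
    # Constructed event resembling what a wallet-creation screen might log by mistake.
    sample = {
        "message": "wallet created: abandon abandon abandon abandon abandon abandon "
                   "abandon abandon abandon abandon abandon about",
        "extra": {"mnemonic": "...", "user": "alice"},
        "breadcrumbs": {"values": [{"message": "signing with " + "ab" * 32}]},
    }
    print(before_send(sample))
```

Pair the hook with `send_default_pii=False` and a review of what the wallet logs at creation time; the scrubber is a last line of defence, not a substitute for never passing key material to a logger.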

Slope Wallet historical version download:

https://apkpure.com/cn/slope-wallet/com.wd.wallet/versions

Slope Wallet (Android, Version >= 2.2.0) was “released after 2022.06.24, so users who use Slope Wallet (Android, Version >= 2.2.0) after 2022.06.24 are affected, but some of the victims reported that they [had] never heard of Slope Wallet and did not use Slope Wallet.”

Then, according to the statistics of the Solana foundation, “about 30% of the mnemonic[s] of the victim[s’] address[es] may be collected by the Slope Wallet (Version: >=2.2.0) sentry service and sent to the ‘https://o7e.slope.finance/api/4/envelope/’.”

But another 60% of the victims “were using Phantom Wallet. How did these victims get stolen? After analyzing the Phantom (Version: 22.07.11_65) wallet, it was found that Phantom (Android, Version: 22.07.11_65) also used the sentry service to collect user information, but did not find any obvious behavior of collecting mnemonics or private keys. (The security risk of the historical version of Phantom Wallet is still being analyzed by the SlowMist security team)”

Some questions

The SlowMist security team is “still collecting more information to analyze the reason why the other 60% of the stolen users were hacked.”

If you have any ideas, then you are “welcome to discuss together, and hope to contribute to the Solana ecosystem together.”

The following are some questions in the analysis process:

  • Is Sentry’s service collecting user wallet mnemonics a common security issue?
  • Phantom uses the Sentry service; will the Phantom wallet be affected?
  • What is the reason for the other 60% of [affected] users being hacked?

For more details on this update, including the attacker and victim’s address, check here.
