link.png

ID:

phantom-slope-and-trust-wallets-1005

Date:

Status:

Incident Count:

August 2, 2022

Verified

1

info.png
target.png
REKT

Contributor:

chain.png

web3rekt.com

KYC By:

KYC:

None

info.png

Audit By:

Audits:

Certik

Loss Amount:

5,000,000

info.png

Recovered:

-

Rewards:

Currency:

USD, SOL

info.png

Users of the Solana Phantom, Slope and Trust wallets are reporting that their wallets are being drained. Over $5M has been taken across 8000+ wallets. It appears from analysis that Slope may have leak the private key to the application monitoring system allowing funds to be drained from these hot wallets. Losses from Phantom and Trust wallets are likely the result of collateral damages, perhaps, because of seed re-use. No losses observed with hardware wallets.

Beosin reported that Slope wallet uses the Sentry service which leaks seed words and private key to teh Slop's server when teh user creates the wallet (https://twitter.com/BeosinAlert/status/1555143734987067392/photo/1).

info.png

DISCLAIMER: While web3rekt has used the best efforts in aggregating and maintaining this database, this web site makes no representations or warranties with respect to the accuracy or completeness of its information and data herein, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose. 

Under no circumstances, shall web3rekt be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the data and information derived from this database.