Blockchain analysis firms involved in the investigation of the Solana exploit unpack the latest developments as teams try to work out how private keys were stolen.
Blockchain auditing firms are still trying to determine how hackers gained access to about 8,000 private keys used to drain Solana-based wallets.
Investigations are in progress after attackers managed to steal approximately $5 million worth of Solana (SOL) and Solana Program Library (SPL) tokens on Wednesday. Security firms and ecosystem participants are helping to unravel the details of the attack.
Solana has been working closely with Phantom and Slope.Finance, the two Solana-based companies whose users' accounts were affected by the hacks. Since then, it has been discovered that some of the stolen private keys were tied to Slope.
Blockchain audit and security firms Otter Security and SlowMist have supported the ongoing investigations and unpacked their findings in direct correspondence with Cointelegraph.
Robert Chen, founder of Otter Security, shared insights gained from first-hand access to affected resources, in collaboration with Solana and Slope. Chen confirmed that a portion of the affected wallets had private keys that were present in plaintext on Slope's Sentry logging servers.
Chen also revealed to Cointelegraph that 5,300 private keys that weren't part of the hack were found in the Sentry instance. Nearly half of these addresses contain tokens, with users being urged to transfer funds if they haven't done so already.
After being asked by Slope to analyze the exploit, the SlowMist team reached a similar conclusion. The Sentry service of Slope Wallet collected the user's private key and mnemonic phrase and transmitted them to o7e.slope.finance. SlowMist was unable to find any evidence explaining how the credentials were stolen.
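An added example, not from the article or from Slope's code: a scrubbing hook of the kind Sentry SDKs accept as `before_send`, which strips wallet key material from a telemetry event before it leaves the client. The field names, the regex heuristics and the sample values are assumptions constructed for illustration.

```python
import re

# Assumption: a 64-byte Solana secret key in base58 is typically 87-88 characters.
BASE58_SECRET = re.compile(r"\b[1-9A-HJ-NP-Za-km-z]{87,88}\b")
# Heuristic: any run of 12+ short lowercase words is treated as a possible
# mnemonic. This over-redacts ordinary prose on purpose (fail closed).
WORD_RUN = re.compile(r"\b(?:[a-z]{3,8}\s+){11,}[a-z]{3,8}\b")
# Hypothetical field names whose values are dropped regardless of content.
SENSITIVE_KEYS = {"mnemonic", "seed", "secretkey", "privatekey", "private_key"}
REDACTED = "[redacted]"


def scrub_text(text):
    """Redact key-like substrings inside a free-text value."""
    return WORD_RUN.sub(REDACTED, BASE58_SECRET.sub(REDACTED, text))


def scrub_event(event, hint=None):
    """Return a scrubbed copy of a telemetry event; the input is not modified."""
    def walk(node, key=""):
        if key.lower() in SENSITIVE_KEYS:
            return REDACTED
        if isinstance(node, dict):
            return {k: walk(v, str(k)) for k, v in node.items()}
        if isinstance(node, (list, tuple)):
            return [walk(v) for v in node]
        if isinstance(node, str):
            return scrub_text(node)
        return node
    return walk(event)


# Constructed sample values: not real keys.
FAKE_KEY = ("3vQB7B6MrGQZaxCuFg4oh" * 5)[:88]
FAKE_PHRASE = " ".join(["abandon"] * 11 + ["about"])
SAMPLE_EVENT = {
    "message": "login failed for " + FAKE_KEY,
    "breadcrumbs": ["wallet import: " + FAKE_PHRASE],
    "extra": {"mnemonic": FAKE_PHRASE, "retries": 3},
}

if __name__ == "__main__":
    print(scrub_event(SAMPLE_EVENT))
```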
Cointelegraph also reached out to Chainalysis, which confirmed that it was conducting blockchain analysis of the incident after sharing initial findings online. The exploit affected users who had transferred accounts to or from Slope.Finance.
While this absolves Solana of the burden of the exploit, the incident has brought to light the need for auditing services for wallet providers. SlowMist suggested that wallets be audited by multiple security companies before release and advocated for open-source development to increase security.
Chen stated that some wallet providers have "flown under the radar" in terms of security in comparison to decentralized applications. Chen hopes to see a change in user attitudes toward the relationship between wallets and validation from external security partners.