Slope security incident update: The wallet version on June 24 sent the private key to Sentry, and it is impossible to prove that the root cause is Slope

[Slope security incident update: The wallet version on June 24 sent a private key to Sentry, and it is impossible to prove that the root cause lies with Slope] On August 17th, Slope announced the external audit report related to the security incident on August 2nd. According to the report, the analysis shows that the Slope wallet version released on June 24, 2022 sent a private key or mnemonic phrase to Sentry’s service (the Sentry service involved in the report refers to the Sentry service deployed privately by the Slope team, not officially provided by Sentry interfaces and services). However, from the investigation of the Slope wallet application to the present, it is impossible to clearly prove that the root cause of the incident lies in the Slope wallet, so the SlowMist security team began to analyze and collect evidence on the Slope server, and further evidence is needed to explain the root cause of the incident.

At present, through the analysis of off-chain servers and related back-end services, it is found that no vulnerability points directly intruding into peripheral servers have been found, and no traces of server intrusion have been found. In the analysis of server intrusion traces, no traces of server intrusion were found. However, suspicious IPs (113.*.*.*, 114.*.*.*, 153.*.*.*) still need to be investigated, and no evidence of DNS hijacking was found in the client-server communication. In the on-chain analysis, the risk capital assessment did not find a large amount of transferable risk funds and potential risk funds. As of the publication of this article, the stolen funds had not been moved further.

Other news:

The founder of SlowMist successfully applied for slowmist.bit from the cross-chain DID.bit through his Twitter: On September 14th, the founder of SlowMist applied for the reserved account slowmist.bit from the cross-chain DID.bit through his Twitter. It is reported that .bit can obtain the account according to the registration fee by citing the account reserved by the third-party data source and successfully initiating the application within the specified time.

As previously reported, on August 15, cross-chain DID .bit announced the completion of a $13 million Series A round of financing, led by CMB International, with participation from HashKey Capita, QingSong Fund, GSR Ventures, GGV Capital, SNZ and SevenX. [2022/9/14 13:29:33]

SolanaStatus: The vulnerability may come from the Slope wallet: On August 4th, SolanaStatus stated on Twitter that after investigation by developers, ecological teams and security auditors, the affected addresses seem to have created and imported wallet addresses in the Slope wallet application or have used the app in the past.

SolanaStatus said that the specific details are still being investigated, and it may be that private key information was inadvertently transmitted to the application monitoring program. Slope confirmed that some Slope wallets were attacked in this incident, but did not determine the specific reason. [2022/8/4 2:58:01]

Solana ecological DeFi platform Apricot Finance announced integration with wallet Slope Finance: official news, Solana ecological DeFi platform Apricot Finance announced integration with decentralized trading platform and wallet Slope Finance, Apricot users will be able to use mobile wallets on Solana to access Lend and X- Farm function.

It is reported that Apricot consists of three products: Lend, X-Farm and Assist. [2021/9/29 17:16:04]