SlowMist — Analysis of Large-scale Coin Theft on Solana Public Chain
On August 3, 2022, a large-scale theft occurred on the Solana public chain: SOL and SPL tokens were transferred out of a large number of user wallets without the owners' knowledge. The SlowMist security team tracked and analyzed the incident, checking on-chain behaviour and the off-chain applications one by one, and has new progress to report.
The Slope wallet team invited the SlowMist security team to analyze and follow up together. After continuous follow-up and analysis, the data provided by the Solana Foundation show that nearly 60% of the stolen-from users used the Phantom wallet, about 30% of the addresses used the Slope wallet, and the rest used Trust Wallet and others. Both the iOS and Android versions of the applications have corresponding victims, so we began to focus on analyzing the possible risk points of the wallet applications.
When analyzing Slope Wallet (Android, Version: 2.2.2), we found that it uses Sentry's widely used error-reporting service, and that this Sentry instance runs under the o7e.slope.finance domain. Sensitive data such as mnemonics and private keys are sent to https://o7e.slope.finance/api/4/envelope/ when the wallet is created.
Continuing the analysis of Slope Wallet, we found that the Sentry service in packages with Version: >=2.2.0 sends the mnemonic to "o7e.slope.finance", while in Version: 2.1.3 no mnemonic-collecting behaviour was found.
Slope Wallet historical version download:
Slope Wallet (Android, >= Version: 2.2.0) was released on 2022.06.24, so users who ran Slope Wallet (Android, >= Version: 2.2.0) on or after 2022.06.24 are affected. However, according to feedback from some victims, they had neither heard of nor used Slope Wallet.
Then, according to the Solana Foundation's statistics, the mnemonics of about 30% of the victims' addresses may have been collected by the Sentry service in Slope Wallet (Version: >=2.2.0) and sent to Slope Wallet's server at https://o7e.slope.finance/api/4/envelope/.
But another 60% of the stolen-from users were using Phantom wallets. How were these victims' funds stolen?
After analyzing the Phantom wallet (Android, Version: 22.07.11_65), we found that it also uses the Sentry service to collect user information, but no obvious behaviour of collecting mnemonics or private keys was found. (The security risk of historical versions of Phantom Wallet is still being analyzed by the SlowMist security team.)
The SlowMist security team is still collecting more information to analyze why the other 60% of the stolen-from users were hacked. If you have any ideas, you are welcome to discuss them with us; we hope to contribute to the Solana ecosystem together. The following are some open questions from the analysis process:
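The risk described above, a crash-reporting SDK whose event payloads can carry seed material off the device, has a concrete mitigation on the wallet side and a concrete check on the responder side: scrub events client-side before they are sent, and inspect captured envelope bodies for the same patterns. The JavaScript below is an added example, not code from SlowMist, Slope, Phantom or Sentry. The detection heuristics (a 12- or 24-word phrase of lowercase 3-8 letter words, 64/128-character hex, and roughly 88-character base58 strings), the key names treated as sensitive, and the sample event are constructed; the newline-delimited JSON layout parsed by `findLeaksInEnvelope` is Sentry's documented envelope format, and `scrubSentryEvent` has the shape needed to sit behind the SDK's `beforeSend` hook.

```javascript
// Added example (not SlowMist's, Slope's or Sentry's code): scrub secrets from
// crash-report events before they leave the device, and check captured
// envelope bodies for the same patterns. Heuristic, not a full BIP39 check.

// Assumed key names that should never leave the device, whatever the value.
const SENSITIVE_KEYS = /^(mnemonic|seed(phrase)?|secret(key)?|private(key)?|keypair)$/i;
// 32-byte seed or 64-byte ed25519 keypair as hex; ~88-char base58 secret key.
const HEX_KEY_RE = /^(?:[0-9a-fA-F]{64}|[0-9a-fA-F]{128})$/;
const BASE58_KEY_RE = /^[1-9A-HJ-NP-Za-km-z]{86,90}$/;

// True for a 12- or 24-word phrase given as a string or as an array of words.
function looksLikeMnemonic(value) {
  const words = Array.isArray(value)
    ? value
    : typeof value === 'string' ? value.trim().split(/\s+/) : null;
  if (!words || (words.length !== 12 && words.length !== 24)) return false;
  return words.every((w) => typeof w === 'string' && /^[a-z]{3,8}$/.test(w));
}

function looksLikePrivateKey(value) {
  return typeof value === 'string' && (HEX_KEY_RE.test(value) || BASE58_KEY_RE.test(value));
}

// Walk any JSON-like value, report each leak path via onHit, return a scrubbed copy.
function walk(value, path, onHit) {
  if (typeof value === 'string') {
    if (looksLikeMnemonic(value) || looksLikePrivateKey(value)) {
      onHit(path);
      return '[REDACTED]';
    }
    return value;
  }
  if (Array.isArray(value)) {
    if (looksLikeMnemonic(value)) { onHit(path); return '[REDACTED]'; }
    return value.map((v, i) => walk(v, `${path}[${i}]`, onHit));
  }
  if (value && typeof value === 'object') {
    const out = {};
    for (const [k, v] of Object.entries(value)) {
      const p = path ? `${path}.${k}` : k;
      if (SENSITIVE_KEYS.test(k)) { onHit(p); out[k] = '[REDACTED]'; }
      else out[k] = walk(v, p, onHit);
    }
    return out;
  }
  return value;
}

// Wallet side: use as `beforeSend: (e) => scrubSentryEvent(e).event` so the
// SDK only ever serializes the redacted copy. `hits` is returned for logging.
function scrubSentryEvent(event) {
  const hits = [];
  const scrubbed = walk(event, '', (p) => hits.push(p));
  return { event: scrubbed, hits };
}

// Responder side: Sentry envelopes are newline-delimited JSON (envelope header,
// then item header / payload pairs). Parse each JSON line and look for leaks.
function findLeaksInEnvelope(body) {
  const hits = [];
  body.split('\n').forEach((line, i) => {
    if (!line.trim()) return;
    let parsed;
    try { parsed = JSON.parse(line); } catch (e) { return; } // binary/attachment lines
    walk(parsed, `line${i}`, (p) => hits.push(p));
  });
  return hits;
}

// Constructed sample: an event whose breadcrumbs carry a wallet-creation payload.
const PHRASE = 'apple banana cherry grape lemon mango melon olive peach pear plum kiwi';
const SAMPLE_EVENT = {
  message: 'wallet created',
  extra: { mnemonic: PHRASE, publicKey: 'FakePublicKey' + '1'.repeat(31) },
  breadcrumbs: [
    { category: 'wallet', data: { phrase: PHRASE } },
    { category: 'debug', data: { hex: 'ab'.repeat(32) } },
    { category: 'wallet', data: { words: PHRASE.split(' ') } },
  ],
};
// Constructed envelope body in the format POSTed to /api/<project>/envelope/.
const SAMPLE_ENVELOPE = [
  JSON.stringify({ event_id: '0'.repeat(32), sent_at: '2022-08-03T00:00:00Z' }),
  JSON.stringify({ type: 'event' }),
  JSON.stringify(SAMPLE_EVENT),
].join('\n');

console.log(scrubSentryEvent(SAMPLE_EVENT).hits);
console.log(findLeaksInEnvelope(SAMPLE_ENVELOPE));
```

The scrubber redacts by key name as well as by value shape because a mnemonic stored as an array of twelve separate words, or a key under an unexpected field, would otherwise slip past a value-only filter. The envelope checker is the same walk applied to a captured request body, so the two halves stay in agreement about what counts as a leak.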
1. Is it a common security issue for Sentry’s service to collect user wallet mnemonics?
2. Since Phantom uses Sentry, will the Phantom wallet be affected?
3. What is the reason for the other 60% of stolen users being hacked?
4. As Sentry is a widely used service, could the official Sentry itself have been compromised, leading to a targeted intrusion into the virtual currency ecosystem?
Known attacker addresses:
Solana foundation statistics:
https://docs.google.com/spreadsheets/d/1hej7MnhI2T9IeyXpnESmMcIHwgxGucSGUxQ5FqHB9-8/edit#gid=1372125637 (requires access permission)
(The above information is not intended as investment advice, this article only represents personal opinion)
Translator&Editor: Florence Ho
Official website https://dapponline.io