Using a Dune chart to track these attacks, it tallied just over $4 million worth of stolen cryptocurrency from over 9,000 unique wallets.
Slope Financial issued a statement advising all Slope users to create "a new and unique seed phrase wallet and transfer all assets to this new wallet.""Many" wallets belonging to Slope employees were also taken away, but hardware wallets (also known as cold wallets, which are not connected to the internet) were not affected, the blog post said.
Slope did not provide details on how the attack took place, but outsiders discovered that the company's mobile app was transmitting users' private keys unencrypted as part of its logging and telemetry.
Solana said in a tweet: "The details of exactly how this happened are still under investigation, but private key information was inadvertently transmitted to an application monitoring service." The company added: "There is no evidence that the Solana protocol or itsCryptographic features are compromised."
Some Solana users who held funds in wallets operated by third-party Phantom were also affected.But Phantom believes all the blame lies with Solana.