Phantom claims its systems were intact in a $4 million hack
Phantom said that security auditors found no vulnerabilities in its systems related to the wallet attack.
Phantom, a Web3 wallet provider, explained late Tuesday that its systems were not hacked before a wallet breach in which $4.08 million had been stolen from 9,230 wallets.
After almost a week of research, Phantom said on Tuesday that security auditors had not identified any flaws that may link it to the attack.
The wallet provider tweeted, “After over a week of inquiry, our team has found no indication that Phantom’s systems were penetrated during the August 2 security incident.”
At first, it was suspected that a “supply chain assault” on iOS may have affected Solana wallet libraries connected to Phantom, Slope, and other wallet applications.
Eventually, Solana engineers isolated the whole problem to the Slope wallet application. The Solana team said that all compromised email accounts were generated, imported, or used by the Slope programmed.
Security company Otter corroborated this discovery when it discovered that Slope wallet’s seed phrases were being transferred to its server and preserved in clear text. Low-security standards likely contributed to the compromise, which gave hackers access to the seed phrases and the opportunity to drain cash.
Phantom has stated that a non-Phantom source is accountable for some of its impacted consumers. On August 4, Slope said it did not have a definitive explanation for the incident. In its most recent statement on Monday, Slope said it is nearing its investigation’s conclusion in conjunction with blockchain intelligence company TRM Labs and law enforcement organisations.
Disclaimer: The information provided in this article is for informational purposes only and should not be construed as financial or investment advice. Cryptocurrency investments are subject to market risks, and individuals should seek professional advice before making any investment decisions.