CertiK Flags Stolen SOL After Stake Authorization Shift at Step Finance
Step Finance confirmed that attackers compromised several treasury and fee wallets during Asia Pacific trading hours and stole 261,854 SOL worth about $30 million. CertiK reported that the stolen tokens were withdrawn after stake authorization shifted to an unknown wallet, raising fresh security concerns across the Solana ecosystem.
The platform disclosed the breach through urgent social media posts. It said a sophisticated actor exploited a well-known attack vector. The team activated emergency protocols and contacted cybersecurity firms for immediate support.
CertiK stated that the stolen SOL moved after stake authorization changed hands. On-chain data showed the tokens were unstaked and transferred during the incident. The activity suggested the attacker gained direct control over staking operations.
Step Finance said user funds remained unaffected. Still, observers questioned whether the breach reflected a deeper internal failure. Did the attacker gain direct wallet access rather than exploit smart contracts?
The team said it notified the relevant authorities. It also worked with security professionals around the clock to contain the damage.
Read more on Analytics Insight
