Valuethemarkets
Step Finance Crypto Heist: $40M Lost, Recovery Efforts Complicated
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
On January 31, 2026, Step Finance, a DeFi platform on Solana, was hacked, resulting in the theft of approximately 261,854 SOL tokens valued between $27 million and $30 million. The attack exploited vulnerabilities in the management of treasury and fee wallets, likely through compromised devices of executive team members via phishing or social engineering. Total losses from the incident have escalated to around $40 million, with only $4.7 million recovered, marking a recovery rate of about 12%. The attacker laundered funds by converting stolen SOL into ETH and routing them through Tornado Cash, complicating recovery efforts. The planned buyback of the STEP token is hindered by the cessation of operations and shutdown of affiliates. The incident underscores the critical need for enhanced cybersecurity measures in decentralized finance ecosystems.
Key Points: • Step Finance lost approximately $40 million due to a hack exploiting treasury wallet vulnerabilities. • Only $4.7 million has been recovered, reflecting a 12% recovery rate from the total losses. • The attacker laundered stolen funds through Tornado Cash, complicating future recovery efforts.