Step Finance Shuts Down After Suffering $40M Hack
Step Finance, a portfolio management dashboard on the Solana network, announced it is shutting down its operations following a significant security breach that drained approximately $40 million from its treasury wallets. The platform first reported the breach on , and the subsequent financial losses have forced the project to cease development and seek acquisitions for its remaining assets.

On , Step Finance disclosed a breach of security for some of our treasury wallets and engaged cybersecurity firms to investigate the incident. According to blockchain security firm CertiK, the attack involved the unstaking and transfer of 261,854 Solana (SOL), valued at around $27 million at the time. Step Finance later confirmed the total losses amounted to approximately $40 million.

The hack had a catastrophic effect on the platform’s native token, STEP. According to data from CoinGecko, the token’s value plummeted by 96% in the days immediately following the breach. The subsequent announcement of the platform’s closure on , caused a further 36% drop. The token, which reached an all-time high of $10.20 in August 2021, is now trading at approximately $0.00057. The shutdown contributes to a broader downturn in the decentralized finance (DeFi) ecosystem on Solana, which has seen its total value locked (TVL) fall 52% from its peak to $6.3 billion, as reported by DeFiLlama.

The shutdown is a direct consequence of the treasury being drained, leaving the project without the necessary capital to continue operations. Step Finance co-founder George Harrap stated that the team is pursuing offers from entities interested in acquiring parts of the business, but noted, we are on a time crunch. Prior to the incident, crypto investor Mike Dudas reported that he was contacted about a bridge funding round but requested a security post-mortem first and received no reply, suggesting potential underlying issues before the major breach.

With operations ceasing, the immediate future for Step Finance involves attempting to sell its remaining business assets. For the broader Solana DeFi community, this event serves as another setback, potentially eroding user trust and increasing scrutiny on the security protocols of other projects within the ecosystem.

Users involved in the decentralized finance space should consider taking several precautionary steps to protect their assets. Regularly review and revoke active token approvals for dApps you no longer use. Diversifying assets across multiple platforms can mitigate losses from a single project’s failure. Before investing, research a project’s security audits and the background of its development team. For storing significant digital asset holdings, using a hardware wallet is a recommended security practice.

Follow Hashlytics on Bluesky, LinkedIn , Telegram and X to Get Instant Updates

RELATED ARTICLESMORE FROM AUTHOR