Rating Finance Treasury Breach Sparks $27M SOL Loss, Rating Drop
StepFinance, a decentralized financial portfolio tracker on Solana, has revealed a security breach that led to a compromise of several treasury wallets, leading to a massive sell-off in its native token.
“Earlier today, several of our treasure wallets were compromised by a sophisticated actor during APAC hours. This was a coordinated attack with a well-known attack vector,” the platform said in a post on X, saying that they had taken “remedial” steps.
Onchain data reviewed by blockchain security firm CertiK shows that approximately 261,854 Solana (SOL) (approximately $27.2 million) were unclaimed and transferred from a wallet controlled by Step Finance.
Step Finance has yet to confirm the total amount of the loss. The team did not say how the attacker was able to gain access, or whether the incident resulted from a smart contract flaw, corrupted keys, or a hacking problem. It is also unclear whether any user funds beyond the assets owned by the protocol were affected.
Related: SwapNet Exploit Exploits Matcha Meta Users Up to $13.3M
After the treasury breach, STEP token will fall more than 90%
Market response was swift. According to data from CoinGecko, the project management token STEP has dropped by more than 90%. At the time of writing, the token is trading at $0.001578, down 93.3% in the previous day.
In the year Founded in 2021, StepFinance bills itself as the “front page of Solana,” providing users with a unified dashboard for product farms, LP tokens, and DeFi placements across most Solana-based protocols. Beyond its core product, the company operates Solana Flour, a Solana-focused media network, and produces the annual Solana Junction Conference.
In the year In late 2024, it acquired Moose Capital, now named Remora Markets, which plans to introduce token equity trading on Solana. Ranking plays a central role in the protocol's governance and incentive structure.
Related: CertiK Connects $63M in Tornado Cash to $282M Wallet Deal
Most crypto projects never recover after a major hack.
About 80% of crypto projects fail to fully recover, not because of initial financial loss, but because of poor crisis response and a lack of trust, according to Web3 security executives.
According to Mitchell Amador, CEO of Immunefi, most teams are unprepared for security challenges, leading to hesitation, slow decision-making and poor communication in the critical hours after a breach. This paradox often leads to increased losses and further erosion of consumer confidence.
Even when technical issues are resolved, defamation is often persistent. Alex Katz, CEO of Kerberus, said that major exploits in particular trigger user exits, resulting in liquidity shortages and long-term loss of loyalty.
Magazine: How crypto rules changed in 2025 – and how they will change in 2026
