STEP Token Plummets 90% Following $27M Treasury Wallet Compromise at Step Finance
Step Finance, a DeFi platform operating on Solana, has revealed a security breach affecting its treasury wallets, resulting in more than $27 million worth of SOL being transferred on the blockchain and causing the STEP token to plunge over 90%.
A significant security incident has been reported by Step Finance, a portfolio management tool for decentralized finance on the Solana blockchain, revealing that multiple treasury wallets fell victim to unauthorized access, resulting in a dramatic collapse of its proprietary token's value.
"Earlier today several of our treasury wallets were compromised by a sophisticated actor during APAC hours. This was an attack facilitated through a well known attack vector," the platform wrote in a post on X, adding that they have taken "remediation" steps.
According to blockchain data examined by cybersecurity company CertiK, approximately 261,854 Solana (SOL) tokens (valued at approximately $27.2 million) were withdrawn from staking and moved out of wallets under Step Finance's control.
The complete magnitude of the financial damage has not been officially verified by Step Finance. The development team has remained silent on the specific method used by the attacker to obtain access, leaving questions unanswered about whether the breach originated from a vulnerability in smart contract code, stolen private keys, or a problem with internal authorization protocols. Additionally, it is still unknown if individual user accounts were impacted, or if only protocol-controlled assets were taken.
STEP token crashes over 90% after treasury breach
The market's response was immediate and severe. STEP, the platform's native governance token, experienced a collapse exceeding 90%, based on information from CoinGecko. As of this reporting, the token's price stands at $0.001578, representing a 93.3% decline within the last 24 hours.
Established in 2021, Step Finance positions itself as a "front page of Solana," providing users with a consolidated interface to monitor yield farming operations, liquidity provider tokens and decentralized finance holdings across the majority of Solana-based protocols. In addition to its primary offering, the organization runs SolanaFloor, a media publication focused on Solana, and hosts the annual Solana Crossroads conference.
During the final months of 2024, it acquired Moose Capital, now rebranded as Remora Markets, with plans to introduce tokenized equity trading on Solana. STEP plays a central role in the protocol's governance and incentive structure.
Most crypto projects never recover after a major hack
Approximately 80% of cryptocurrency projects that experience a significant security breach never achieve complete recovery, not due to the original monetary damage, but rather because of inadequate crisis management and a deterioration of community confidence, according to Web3 security executives.
Mitchell Amador, CEO of Immunefi, stated that the majority of development teams lack preparation for security emergencies, resulting in uncertainty, delayed action and insufficient communication during the crucial moments following a compromise. This state of inaction frequently permits damages to escalate and user trust to deteriorate even more severely.
Even when technical issues are resolved, reputational damage is often permanent. Kerberus CEO Alex Katz notes that major exploits typically trigger user exits, liquidity drain and long-term credibility loss.