$27M Gone in Solana: The Step Finance Treasury Hack Postmortem
Contents
$27M Gone in Solana: The Step Finance Treasury Hack Postmortem
Step Finance Treasury Hack - Broken Victorian vault with scattered Solana tokens
On January 31, 2026, during quiet APAC trading hours, attackers drained roughly $27 million from Step Finance's treasury wallets. Within 24 hours, the protocol's native token crashed over 90%. User funds remained safe—but the damage to confidence was catastrophic.
This wasn't a flashy smart contract exploit or a novel zero-day. It was something far more mundane, and far more preventable: compromised private keys. The kind of infrastructure failure that makes you wonder how many other protocols are one phishing email away from collapse.
Let's break down what happened, why it happened, and what DeFi can learn from a $27 million lesson in treasury security.
What Happened: The Timeline
January 31, 2026 (APAC hours): Attackers gain access to Step Finance's treasury and fee wallets. They execute a methodical operation:
Transfer stake authorization for staked SOL positions
Unstake …
Step Finance Treasury Hack - Broken Victorian vault with scattered Solana tokens
On January 31, 2026, during quiet APAC trading hours, attackers drained roughly $27 million from Step Finance's treasury wallets. Within 24 hours, the protocol's native token crashed over 90%. User funds remained safe—but the damage to confidence was catastrophic.
This wasn't a flashy smart contract exploit or a novel zero-day. It was something far more mundane, and far more preventable: compromised private keys. The kind of infrastructure failure that makes you wonder how many other protocols are one phishing email away from collapse.
Let's break down what happened, why it happened, and what DeFi can learn from a $27 million lesson in treasury security.
What Happened: The Timeline
January 31, 2026 (APAC hours): Attackers gain access to Step Finance's treasury and fee wallets. They execute a methodical operation:
Transfer stake authorization for staked SOL positions
Unstake …