lazarusholic


Step Finance

#StepFinance

Summary

The Step Finance incident was not caused by a smart contract flaw but by a compromised executive laptop that exposed administrative keys. With those keys, an attacker transferred staking authority to a new wallet and unstaked 261,854 SOL (approximately $27.3 million) within about 90 minutes.

Despite audited contracts and established security practices, the breach stemmed from a “well-known attack vector” (likely phishing), highlighting human and endpoint security weaknesses rather than protocol design issues.

Around $4.7 million was later recovered through built-in protections, but the majority of funds were lost and the project’s token value collapsed. The incident illustrates a classic private key compromise leading to a full treasury drain in a DeFi environment.

Reports