Step Finance Suffers $30M Solana Treasury Breach as STEP Token Crashes

Step Finance has confirmed a major security incident involving the compromise of multiple treasury and fee-collection wallets, resulting in the loss of roughly 261,854 SOL, valued at approximately $30 million at the time of the breach.

The incident marks one of the most significant project-level treasury exploits on Solana in recent months and triggered an immediate market reaction across Step Finance’s native token.

What Happened: Treasury Wallets Compromised

According to preliminary on-chain analysis and Step Finance’s own disclosures, attackers were able to unstake and transfer SOL directly from several internal wallets controlled by the protocol.

The stolen funds were moved to an unknown external address, and the exact attack vector remains under investigation.

Crucially, the breach appears to have been isolated to Step Finance’s internal infrastructure, rather than a protocol-wide smart contract failure.

Market Reaction: STEP Token Collapses

News of the exploit sent the STEP token into a steep sell-off, with prices plunging nearly 80%, falling to around $0.00484 shortly after the disclosure.

The move reflected investor concern over:

• The scale of the treasury loss
• Uncertainty around recovery prospects
• Broader risk sentiment toward Solana DeFi treasuries

Liquidity thinned rapidly as holders rushed to reprice governance and revenue expectations.

Project Response and Ongoing Investigation

Step Finance confirmed the breach through its official communication channels, stating that a subset of wallets had been compromised and that the team immediately began securing remaining systems.

Key points from the response include:

• A forensic investigation is underway to determine how access was obtained
• The team is working to contain any residual risk across treasury infrastructure
• No evidence so far suggests that user-staked funds or private user wallets were affected

The team emphasized that the exploit was not a user-level security failure, but rather a breach involving project-controlled assets.

Broader Implications for Solana DeFi

The incident highlights ongoing risks around treasury key management, wallet permissions, and operational security, even among established Solana-native platforms.

While Solana’s underlying network was not implicated, the breach reinforces the importance of:

• Multi-layer treasury controls
• Time locks and withdrawal limits
• Transparent post-mortem disclosures

Markets will likely remain cautious until more details emerge regarding:

• The attack vector
• Whether funds can be traced or recovered
• Potential governance or structural changes following the loss

What to Watch Next

Step Finance stated it will continue to provide updates via its official X account as the investigation progresses. Key developments to monitor include confirmation of the exploit method, any coordination with validators or law enforcement, and clarity on how the treasury loss may affect future protocol operations.

For now, the incident serves as another reminder that DeFi risk is not limited to smart contracts alone, but extends to the operational security of the teams managing protocol assets.

The post Step Finance Suffers $30M Solana Treasury Breach as STEP Token Crashes appeared first on ETHNews.