Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Step Finance has issued a statement on X regarding a recent exploit, disclosing that approximately $40 million was stolen from its treasury due to a compromise of an executive's device. Upon detecting the vulnerability, Step Finance launched an investigation in collaboration with cybersecurity researchers and relevant authorities, and has notified law enforcement. While certain operations were temporarily suspended during this period, the team has successfully recovered approximately $3.7 million in Remora assets and $1 million in other positions. Attack method (per SlowMist): Supply Chain Attack. Reported loss: $ 40,000,000.
- chain
- —
- protocol
- Step Finance
- bug_class
- unknown
- date_occurred
- 2026-01-31
- loss_usd
- $40,000,000
- source_id
- sm:step-finance::2026-01-31