The platform 'Step Finance', the decentralized aggregator built on the Solana network, along with its related projects 'SolanaFloor' and 'Remora Markets', announced the immediate suspension of all operations, following the repercussions of a major security incident that occurred earlier this year.
In a statement published via platform X, the team clarified that they explored several options to continue, including raising new funding or entering acquisition negotiations, but none of these led to a practical solution after the breach that occurred in late January.
The attack resulted in the depletion of assets estimated at around $30 million from 'Step Finance' wallets on the Solana network.
Subsequent investigations revealed that the breach resulted from the compromise of devices belonging to executive management members, which likely led to the leakage of private keys or the infection of devices with malware that disrupted internal transaction approval mechanisms.
After gaining access, the attackers unwrapped approximately 261,854 SOL coins and transferred them from wallets controlled by the project, through malicious transactions on the network that were approved as a result of the breach.
This led to an immediate market reaction, with the price of the STEP token collapsing by more than 80%.
After discovering the vulnerability, the platform halted some of its components to mitigate damage, and later announced the recovery of approximately $4.7 million in assets related to the 'Remora' project and other holdings.
As part of the shutdown process, 'Step Finance' is preparing a buyback program for 'STEP' based on a previous data snapshot prior to the incident, while 'Remora Markets' is preparing to launch a recovery mechanism for 'rToken' holders.
This development comes amid a broader wave of security incidents in the cryptocurrency sector.
According to data from the cybersecurity company 'PeckShield', losses from fraud and breaches in 2025 exceeded $4.04 billion, an increase of nearly 34% compared to 2024.
Of this total, $2.67 billion was attributed to technical breaches, while losses from fraud amounted to $1.37 billion, recording an annual growth of about 64%.
'PeckShield' noted a significant shift from purely technical attacks to targeted social engineering methods, often against centralized entities and high-value individuals, resulting in an increase in the average loss per incident.
More than 200 breach incidents were recorded during the year, excluding fraud operations.
February was the costliest month, driven by a massive breach worth $1.51 billion targeting the 'Bybit' platform, reflecting escalating operational and security risks in the digital asset environment.
$