Solana Under Siege: Step Finance Drained of $30M as STEP Token Plummets 80% in Hours

A formidable cyber incursion within the Solana ecosystem has profoundly destabilized the decentralized finance landscape. The Step Finance platform disclosed a breach of its operational wallets, resulting in the illicit exfiltration of approximately $30 million in assets from project reserves; consequently, the associated token plummeted by over 80% within a mere few hours.

The architects of Step Finance elucidated that the antagonists gained unauthorized access to multiple treasury and commission wallets simultaneously. According to their disclosures, approximately 261,854 SOL were transferred to clandestine addresses. Crucially, user-held wallets remained unblemished, as the offensive specifically targeted the protocol’s internal capital. The team asserted that an exhaustive investigation is underway, having already enlisted the expertise of preeminent cybersecurity firms.

Market reaction was instantaneous. According to cryptocurrency valuation aggregators, the STEP token collapsed to the $0.004 threshold. The project’s market capitalization evaporated to approximately $1.3 million, relegating it to the status of a micro-cap asset. Liquidity vanished as price volatility intensified; while trading had remained relatively sedate prior to the incident, the subsequent trajectory revealed a vertical descent devoid of discernible support levels. Transient rebounds proved insufficient to arrest the overarching bearish momentum.

Operational commission activity within the network had previously exhibited sharp escalations in early 2025, reaching $150,000–$160,000 per diem—a phenomenon typically attributed to speculative fervor. Following the compromise, these metrics, alongside trading volumes, have significantly diminished. The current valuation reflects tentative, risk-averse acquisitions and a profound erosion of investor confidence rather than a concerted effort toward recovery.

Analogous offensives have historically plagued DeFi projects predicated on Solana. Prevailing vulnerabilities often include the compromise of operational wallets, the leakage of private keys, and systemic failures in access control. In prior instances, disparate projects have forfeited millions due to the seizure of administrative accounts or inadequate oversight of privileged operations.