Blowfish Detects New Solana Drainers 'Aqua' and 'Vanish' Capable of Bit-Flip Attacks
Summary:
Web3 cybersecurity company, Blowfish, uncovers two new Solana drainers, 'Aqua' and 'Vanish', capable of executing bit-flip attacks. These entities manipulate on-chain data after users' transactions are signed, covertly siphoning off SOL. Blowfish is monitoring activities and has implemented protective measures against these newest threats. Meanwhile, the Solana ecosystem continues to see increased targeting by crypto drainers, with some communities revolving around draining strategies consisting of thousands of members.
Web3 cybersecurity company, Blowfish, has identified two novel Solana drainers, named 'Aqua' and 'Vanish', capable of executing bit-flip attacks, as elaborated in an analysis published on Feb. 9 on X (previously known as Twitter). These drainers, flagged for altering an on-chain data condition even after a user’s private key signs a transaction, pay a fee for their script in markets that provide scam-as-a-service platforms. Blowfish explained how these drainers manipulate data and pilfer funds. The firm elucidated, “In the case of Solana, a dApp may be authorized to put forward a transaction. If the dApp’s on-chain program incorporates a condition that permits it to dispatch SOL to the user or drain their account, a drainer might switch that condition at any point.” The analysis continues, initially, users don't notice the drainers. The victim assumes they're signing a legitimate transaction. Yet, upon getting the signature, the drainer momentarily withholds the transaction. “Afterward, through an independent transaction, they alter the dApp’s condition. It transitions from seeming to dispatch SOL to surreptitiously extracting it.”
Bit-flip attacks, where the attacker adjusts the value of certain bits in encrypted data to exploit a system, represents a novel style of scams that hasn't been seen before. These attacks allow the perpetrator to alter the encrypted message without possessing the encryption key. By switching specific bits, an attacker can sometimes predictively modify a message following its decryption. There has been a surge in crypto drainers targeting the Solana ecosystem. Chainalysis revealed that a single Solana wallet drainer kit-focused community comprised over 6,000 members by January. Previously, Chainalysis' senior intelligence analyst, Brian Carter, informed Cointelegraph that the most effective draining kits could target numerous assets in various methods. Reportedly, Blowfish has implemented measures to automatically thwart the newly discovered drainers and is maintaining a vigilant watch over on-chain activities.
Published At
2/10/2024 7:45:46 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.