Web3 security firm Blowfish has detected two new Solana drainers that can perform bit-flip attacks, according to a Feb. 9 analysis shared on X (formerly Twitter). 

The drainers, known as ‘Aqua’ and ‘Vanish,’ were flagged modifying a conditional within on-chain data, even after a user’s private key was used to sign a transaction. According to Blowfish, the drainers’ script is available for a fee in marketplaces offering scam-as-a-service tools.

The Blowfish team broke down the drainers’ method to flip data and steal funds. “On Solana, a dApp can be given authority to submit a transaction. If the dApp’s onchain program includes a conditional that allows it to send the user SOL or drain their account, a drainer could flip that conditional at any time,” reads the analysis.

The drainers go unnoticed by users at first. The victim signs what appears to be a valid transaction. However, after receiving the signature, the drainer temporarily holds on to the transaction. “Then, via a separate transaction, they flip the dApp’s conditional; it goes from appearing to send SOL to taking it instead.”

A bit-flip attack is a form of exploitation where the attacker changes the value of some bits in the encrypted data to…


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.
You need to agree with the terms to proceed