Blowfish Detected New “Aqua, Vanish” Transaction Drainers On Solana (SOL)
Latest News News

Blowfish Detected New “Aqua, Vanish” Transaction Drainers On Solana (SOL)

Web3 security company Blowfish recently detected a pair of sophisticated Solana (SOL) transaction drainers, dubbed aqua and vanish, on the Solana network, capable of executing elusive bit-flip attacks.

According to Blowfish’s analysis, these two drainers can alter a condition in on-chain data post-transaction signature by the user’s private key. 

These dangerous scripts lurking under the transactional radar are being peddled on the dark web, offering scammers a scam-as-a-service toolkit.

The Blowfish examination highlights the drainers’ adept use of the on-chain authority provided to decentralized apps (DApps), enabling them to switch from transaction facilitators to malicious account-draining entities.

According to the security firm, the troubling aspect of these attacks is their stealth; victims initially see valid transactions, which are then intercepted and manipulated by the attackers to extract cryptocurrency from the user’s account. 

See Also: Ripple CTO Clarifies Some Misunderstanding In Hacken’s XRP Hack Analysis

Such bit-flip attacks threaten transaction integrity by flipping bits in the encrypted data, altering the decrypted message without accessing the encryption key.

The discovery has cast a spotlight on the evolving cyber threat landscape within Solana’s network. 

This increasing threat is underscored by a Chainalysis report that discloses a large community associated with a Solana wallet drainer kit, teeming with over 6,000 participants as of January. 

These drainers symbolize the ease with which cybercriminal tools can now be acquired and employed, particularly as Solana gains traction as a prime target due to its rising fame.

In response to this growing menace, Blowfish stated it had implemented automatic defenses to neutralize these new drainers while continuing to monitor on-chain activity vigilantly.

However, crafting foolproof security remains challenging despite these efforts, as attackers incessantly evolve and refine their avoidance tactics.

The firm’s investigation also unearthed international elements at play, with suspected Russian developers notably involved in crafting and circulating such drainer tools — often accompanied by Russian documentation.

Finally, community solidarity has become crucial in the fight against these threats, with blockchain advocates rallying together to develop and employ protective measures like Wallet Guard, enhancing user defenses against such predatory phishing-oriented attacks.

Zug, Switzerland-based Blowfish works with some 30 customers, including WalletConnect, to help prevent over 500,000 wallet-draining attacks.

#Binance #WRITE2EARN

Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions. Crypto is not a legal tender and is subject to market risks. Readers are advised to seek expert advice and read offer document(s) along with related important literature on the subject carefully before making any kind of investment whatsoever. Crypto market predictions are speculative and any investment made shall be at the sole cost and risk of the readers.