Contents
New Solana drainers exploit transaction conditions, sold as scam-as-a-service tools, prompting heightened security efforts by Blowfish. By Kelvin Munene Murithi 2 hours ago
Story Highlights
- Aqua and Vanish exploit Solana’s dApps, flipping transaction conditions post-approval.
- Chainalysis reports over 6,000 members in a Solana wallet drainer kit community.
- Blowfish’s automated defenses combat Solana drainers while tracking on-chain activity.
Web3 security firm Blowfish has recently discovered two new types of Solana drainers, ‘Aqua’ and ‘Vanish.’ These harmful programs can be exploited to steal users’ cryptocurrency by modifying the transaction conditions even after the users’ private keys have approved the transaction. This revelation signifies the increasing complexity of cyber threats in the blockchain environment and the necessity of improved security mechanisms.
Surge In Solana Drainers
The discovery of Aqua and Vanish has sounded the alarm within the Solana network, as these drainers work by utilizing the authority granted to decentralized applications (dApps) to submit transactions on behalf of users.
Through the change of a conditional in the transaction data, these drainers are capable of switching from sending to draining SOL from the account of the victimized user. This bit-flip attack method, which involves modifying the value of bits within encrypted data to affect the outcome of transactions, has become a deadly weapon in the hands of hackers focusing on the Solana network.
The Spread of Scam-as-a-Service
Blowfish’s investigation shows that Aqua and Vanish scripts are being sold in SaaS (scam-as-a-service) tool marketplaces, which makes it possible for the threat actor to run these stealers without deep technical expertise.
The commercialization of cybercrime tools has led to a rise in the number of attacks aimed at cryptocurrency users, with Solana becoming the primary target alongside its growing popularity. According to Chainalysis, a considerable community is formed for a Sellana wallet drainer kit consisting of over 6,000 people, illustrating the ubiquitous nature of the threat.
Best Crypto Exchanges and Apps September 2024 Must Read Top Meme Coins to Buy Now: What You Need to Know Must Read Top 10 Web3 Games To Explore In 2024; Here List Must Read
Drainer Dangers Prevention Efforts
In reply to the detection of Aqua and Vanish, Blowfish has deployed defenses designed to thwart these two drainers automatically and is closely tracking on-chain activity for suspicious activities. Nevertheless, the difficulty remains considerable since threat actors always develop new techniques and ways to avoid security measures.
The participation of Russian developers in the creation and distribution of these drainers, which usually have Russian documentation attached, gives an international angle to the cybersecurity problems of the Solana community.
Additionally, the wider blockchain security community is gathering to confront this emerging danger. In this respect, Wallet Guard is designed for users who wish to defend themselves against such attacks since the latter usually starts with phishing attempts. By leveraging social engineering techniques, the attackers attract victims to fake DeFi platforms that look like legitimate ones and prompt them to approve malicious transactions.
Read Also: Bitcoin (BTC) Addresses in Profit Tops 90% as Price Eyes $50K