Scam-as-a-service: New Solana drainers identified


According to a report shared on X (formerly Twitter) on February 9, Web3 security company Blowfish has discovered two new Solana drainers that can perform bit-flip attacks.

The drainers, known as ‘Aqua’ and ‘Vanish,’ were flagged modifying a conditional within on-chain data, even after a user’s private key was used to sign a transaction. According to Blowfish, the drainers’ script is available for a fee in marketplaces offering scam-as-a-service tools.

The Blowfish team broke down the drainers’ method to flip data and steal funds. “On Solana, a dApp can be given authority to submit a transaction. If the dApp’s onchain program includes a conditional that allows it to send the user SOL or drain their account, a drainer could flip that conditional at any time,” reads the analysis.

Initially, drainers are not noticed by users. The victim signs an apparently valid transaction. The drainer temporarily holds the transaction after receiving the victim’s signature. “Then, via a separate transaction, they flip the dApp’s conditional; it goes from appearing to send SOL to taking it instead.”

A bit-flip attack is a type of exploit in which the attacker changes the value of bits within encrypted data. It allows an attacker to modify a message without knowing its encryption key. By flipping specific bits, an attacker can sometimes change a message in a predictable way once it’s decrypted.
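The malleability described above, as an added example that is not from the Blowfish report or this article: a toy XOR stream cipher built from SHA-256 (constructed for illustration), where one changed ciphertext byte alters the decrypted message predictably, and an encrypt-then-MAC check that rejects the modified ciphertext. The message format and all function names are assumptions.

```python
import hashlib
import hmac
import secrets

def keystream(key, nonce, length):
    """Toy SHA-256 counter-mode keystream (constructed for illustration only)."""
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def xor_crypt(key, nonce, data):
    """Encrypt or decrypt: XOR with the keystream (same operation both ways)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))

def seal(enc_key, mac_key, nonce, plaintext):
    """Encrypt-then-MAC: the tag covers the nonce and the ciphertext."""
    ct = xor_crypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return ct, tag

def open_sealed(enc_key, mac_key, nonce, ct, tag):
    """Verify the tag in constant time before decrypting; raise on tampering."""
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext was modified")
    return xor_crypt(enc_key, nonce, ct)

def flip(ct, index, mask):
    """Return ct with the bits in mask flipped at one byte position."""
    return ct[:index] + bytes([ct[index] ^ mask]) + ct[index + 1:]

def demo():
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    nonce = secrets.token_bytes(12)
    message = b"delta=+100"  # constructed sample message
    ct, tag = seal(enc_key, mac_key, nonce, message)
    tampered = flip(ct, 6, ord("+") ^ ord("-"))  # needs no key
    # Without an integrity check the change decrypts cleanly and predictably.
    unauthenticated = xor_crypt(enc_key, nonce, tampered)
    # With encrypt-then-MAC the same change is rejected before decryption.
    try:
        open_sealed(enc_key, mac_key, nonce, tampered, tag)
        rejected = False
    except ValueError:
        rejected = True
    return unauthenticated, rejected

if __name__ == "__main__":
    print(demo())
```

In practice an authenticated mode such as AES-GCM or ChaCha20-Poly1305 provides the same integrity check without hand-built constructions.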

A growing number of drainers have targeted the Solana ecosystem. According to Chainalysis, one of the largest online groups devoted to a Solana wallet-drainer kit has over 6,000 members. Brian Carter, Chainalysis senior intelligence analyst, told Cointelegraph in an earlier interview that the most successful draining kits can target many assets.

Blowfish has reportedly put in place defenses to automatically block drainers that have been found, and is currently monitoring on-chain activities.
