Back to main

Blowfish Uncovers Two New Solana Drainers Capable of Bit-Flip Attacks

Blowfish, a Web3 security firm, has uncovered two fresh Solana drainers capable of executing bit-flip attacks, as disclosed in an analysis shared on the social media platform X on February 9.

The drainers, Aqua and Vanish, were identified altering a condition within on-chain data even after a user’s private key had authenticated a transaction.

Blowfish revealed that these drainers’ scripts are purchasable for a fee within marketplaces that peddle scam-as-a-service tools.

The Blowfish team elucidated the modus operandi employed by the drainers to manipulate data and pilfer funds:

“On Solana, a dApp can be granted authority to submit a transaction.

If the dApp’s on-chain program incorporates a condition permitting it to transfer the user SOL or drain their account, a drainer could manipulate that condition at any given moment,” the analysis expounded.

Initially, users remain oblivious to the presence of these drainers. The victim signs what seems to be a legitimate transaction.

However, subsequent to obtaining the signature, the drainer temporarily retains the transaction.

“Subsequently, via a separate transaction, they alter the dApp’s condition; it transitions from ostensibly sending SOL to seizing it instead.”

READ MORE: European Commission Proposes Mandate for Tech Platforms to Detect AI-Generated Content

A bit-flip attack represents a form of exploitation where the perpetrator alters the value of certain bits within encrypted data to manipulate a system.

This tactic enables the attacker to modify the encrypted message sans knowledge of the encryption key.

By flipping specific bits, an attacker can sometimes alter a message in a foreseeable manner post decryption.

The Solana ecosystem has witnessed an escalating onslaught from crypto drainers.

According to Chainalysis, a leading online community centred around a single Solana wallet drainer kit boasted over 6,000 members as of January.

Brian Carter, senior intelligence analyst at Chainalysis, previously conveyed to Cointelegraph that the most effective draining kits possess the ability to target numerous assets through diverse means.

Allegedly, the Blowfish team has implemented defensive measures to automatically thwart the newly identified drainers and is actively monitoring on-chain activities.

Discover the Crypto Intelligence Blockchain Council

Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Read on Crypto Intelligence Investment Disclaimer