On-chain analysts discovered that a new type of attack on crypto users — a Bit-flipping attack — is actively spreading among scammers. Cybercriminals use it to steal SOL when a transaction is underway.
Blowfish revealed a new type of attack on crypto users called the Bit-flipping attack, which allows hackers to modify transaction data once a user signs it with a private key.
Blowfish analysts found that drainers (phishing pages) use two new sets of hacking software — Aqua and Vanish. The malicious scripts exploit vulnerabilities in the functionality of dApps on the Solana network to allow attackers to intercept transactions by changing their content. Victims remain unaware of the attack for some time, as they sign what appears to be a valid transaction.
The Blowfish team also discovered that the malicious scripts are distributed via the Drainer-as-a-service (DaaS) model in dark web. Anyone can purchase and use them. The company’s analysts assure that they managed to develop a defense system to automatically block detected drainers.
Recently, the authorities of Singapore warned that commercial Drainer-as-a-service kits are actively spreading among fraudsters, allowing them to use malware to steal cryptocurrencies.