- Phishing attack on Solana exploits ownership model, causing $3 million loss.
- $2 million DeFi assets rescued, mitigating further loss.
- Community urges caution with Solana account permissions.
On December 3rd, a phishing attack reported by SlowMist Security Team resulted in over $3 million in crypto assets lost after an attacker replaced the account’s Owner permission.
The incident exposes significant vulnerabilities in Solana’s account model, urging users to remain vigilant and highlighting potential risks within decentralized finance protocols.
Solana Phishing Exploits Account Ownership, Sparks $3M Loss
SlowMist Security Team reported a phishing attack where a user lost over $3 million due to a replacement of the account’s Owner permission, distinct from traditional key theft. $2 million in DeFi protocol assets became inaccessible but later rescued with protocol assistance.
The attack highlighted vulnerabilities of Solana’s model allowing ownership change, misleading the victim with transaction descriptions that showed no fund changes. This left victims unable to control or rescind permissions.
This attack’s ability to exploit Solana’s ownership permissions instead of traditional private key theft marks a significant evolution in phishing tactics. – SlowMist Security Team, Security Analyst, SlowMist, BlockBeats News
The community and industry figures have urged increased vigilance regarding Solana’s account ownership nuances. SlowMist advised users to inspect hidden permission changes in transactions, preventing similar incidents.
Solana Security Concerns Prompt Calls for User Vigilance
Did you know? Solana’s account ownership model allows permissions to be modified, a method not available in Ethereum’s traditional EOA accounts, posing unique security challenges.
According to CoinMarketCap, Solana’s current price is $141.85, with a market cap of $79.40 billion and trading volume reaching $7 billion, showing a 10.53% rise in 24 hours. The market dominance stands at 2.52%, though the price dropped 19.12% over the past month.
Coincu’s research team suggests potential for regulatory frameworks that may increase security, yet the design of Solana’s account model presents risks requiring careful handling. Solutions may involve enhanced wallet UI to ensure user vigilance during transactions.
| DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing. |
Source: https://coincu.com/scam-alert/solana-phishing-attack-3m-loss/