Giant Solana hack: the hacker’s IP address identified thanks to an NFT?

The empire strikes back – The Solana blockchain has been experiencing technical problems and incidents for several months. This time, a major attack targeted the protocol. If you missed the first details of this attack on the Solana network, read our first detailed report. If you’re up to date, let’s continue exploring a hack that will be remembered!

Nice hackers have talent too

The Solana affair marks the third day of a week decidedly punctuated by hacks and the draining of crypto wallets. Ethereum, Fantom, and now Solana have been targeted since Monday.

While ordinary mortals cannot do much against this kind of attack, some Internet users are showing real ingenuity. By combining computer skills with a touch of human psychology, the white hat who goes by @lordnarfz0g on Twitter reportedly succeeded in recovering the attacker’s IP address.

This Twitter user took advantage of a security flaw related to NFTs. Revealed at the beginning of the year, this flaw allows a malicious actor to collect a whole lot of data via a non-fungible token.

@lordnarfz0g reveals some of the metadata extracted from the hacker.

By coding a program that is triggered when an NFT is opened by its owner, it is possible to capture the metadata request made at the time of the click. The person behind the NFT recovers this data, including the victim’s IP address, and stores it on a server to which he has access.
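A defensive check for the mechanism described above, as an added example that is not from the original article: it lists the URIs in an NFT's off-chain metadata whose loading would contact a server a third party could run, and so expose the viewer's IP address. The field names follow the common Metaplex-style JSON layout, and the scheme list, trusted-host list and sample metadata are constructed assumptions.

```python
import ipaddress
import json
from urllib.parse import urlparse

# Assumption: schemes resolved inline or via a gateway the wallet itself picks.
INDIRECT_SCHEMES = {"ipfs", "ar", "data"}
# Assumption: hosts the viewer already accepts (constructed allowlist).
TRUSTED_HOSTS = {"arweave.net", "ipfs.io"}

def collect_uris(metadata):
    """Yield (field, uri) for fields a wallet or marketplace may load or link."""
    for field in ("image", "animation_url", "external_url"):
        if isinstance(metadata.get(field), str):
            yield field, metadata[field]
    props = metadata.get("properties")
    files = props.get("files") if isinstance(props, dict) else None
    for i, entry in enumerate(files if isinstance(files, list) else []):
        if isinstance(entry, dict) and isinstance(entry.get("uri"), str):
            yield f"properties.files[{i}].uri", entry["uri"]

def classify(uri):
    """Say whether fetching this URI contacts a host the sender could control."""
    parts = urlparse(uri)
    scheme = parts.scheme.lower()
    if scheme in INDIRECT_SCHEMES:
        return "indirect"
    if scheme not in ("http", "https"):
        return "unknown-scheme"
    host = (parts.hostname or "").lower()
    if any(host == t or host.endswith("." + t) for t in TRUSTED_HOSTS):
        return "trusted-host"
    try:
        ipaddress.ip_address(host)
        return "leaks-ip:raw-address"      # bare IP: no domain to vet at all
    except ValueError:
        return "leaks-ip:third-party-host"

def audit(metadata_json):
    """Return (field, uri, verdict) for every URI that should not auto-load."""
    checked = ((f, u, classify(u)) for f, u in collect_uris(json.loads(metadata_json)))
    return [c for c in checked if c[2] not in ("indirect", "trusted-host")]

# Constructed sample metadata; hosts use documentation-reserved names and ranges.
SAMPLE = json.dumps({
    "image": "https://img.example.net/1.png?t=abc",
    "animation_url": "ipfs://constructed-cid/clip.mp4",
    "external_url": "http://203.0.113.7/view",
    "properties": {"files": [{"uri": "https://arweave.net/constructed-id"}]},
})
```

Calling `audit(SAMPLE)` returns the `image` and `external_url` entries, the two fields whose hosts are outside the allowlist.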

“The honeypot worked”

Our white-hat hacker therefore set out to trap the attacker using this process, a method that, by his own admission, he regularly uses to investigate such cases. He says it took fifteen minutes to extract the fraudster’s IP address.

As expected, the hacker received the NFT and clicked on it (otherwise no data could have been extracted). In addition to the IP address, it therefore seems to have been established that he does indeed have a ghost wallet…

Someone still had to think of it.

This kind of information is sensitive and could indeed help in pursuing the thief, at least in locating him at first. The strategist himself could hardly believe it: the trick worked.

All the more so after he revealed the nature of the NFT sent to the attacker, and the lure used to encourage a click. In short, it is a black-and-white photo showing two very naked women.

According to the latest news, the attack is still ongoing and its causes are still unclear, although a weakness in an open-source code library could be the cause. Often decried, the crypto community is not just a figment of the imagination: the white hats are the best example of it.
