Giant Solana hack: the IP address of the hacker identified thanks to an NFT?

The empire strikes again – Solana’s blockchain has had technical problems and incidents for several months. This time, it is an important attack that has the goal. If you missed the first elements of this great attack on the Solana network, read on our first detailed inventory. If you are up to date, let’s keep exploring this trick that will mark the memories!

Even good hackers are talented

The Solana affair marks the third day of a week markedly marked by the tricks And siphoning from wallets cryptocurrencies. Ethereum, Fantom and now Solana have been targeted since Monday.

While mere mortals can’t do much in this type of attack, some Internet users compete for ingenuity. Combining computer skills and a touch of human psychology, the white hack that responded to @ lordnarfz0g’s Twitter nickname would have been able to retrieve the pirate’s IP address.

This Twitter user exploited a security flaw related to NFTs. Unveiled earlier this year, this security breach allows an attacker to collect a huge amount of data via a non-fungible token.

@ lordnarfz0g reveals some of the metadata extracted to the hacker. Source

By coding a program linked to the opening of an NFT by its owner, it is possible to extract the request for metadata made at the time of the click. The hacker retrieves this data, including the victim’s IP address, and hosts it on a server to which he has access.

>> Make the choice of security: Register on PrimeXBT (commercial link) <

“The honeypot worked”

Our white hat hacker then took it into his head to trap the hacker using this process. A method he regularly uses to investigate such stories, by his own admission. He trusts here that it took him fifteen minutes to extract the scammer’s IP address.

As expected, the hacker received the NFT and clicked on it (otherwise no data extraction). In addition to the IP address, it would therefore appear to be certain that it actually has a wallet ghost…

I still had to think about it.

This type of information is sensitive and could really help in the pursuit of the thief, at least initially in his position. The strategist himself could not believe it, the coup worked.

All the more so after revealing the nature of the NFT sent to the pirate and the leverage used to encourage him to click. Long story short, it’s a black and white photo that shows two very naked women.

According to the latest news, the attack is still ongoing and its causes are still unclear, although the cause could be a weakness in an open source code library. Often disparaged, the cryptocurrency community is not just a vision of the mind: the white hats are the best examples.

Stay away from cryptographic drama and hacks – for your safety, rely on reliable and solid partners. Register now on the PrimeXBT platform (commercial link).

Leave a Comment