SlowMist: Beware of Solana Wallet Owner Authority Tampering Attack

By: theblockbeats.news|2025/12/03 11:45:54

BlockBeats News, December 3rd. SlowMist Security Team released a security advisory regarding a recent phishing attack incident. A user fell victim to a phishing attack, resulting in the transfer of the account's Owner permission. The user attempted to revoke the authorization but was unable to do so. The user's assets worth over $3 million were stolen, with an additional $2 million worth of assets stored in a DeFi protocol that could not be transferred (currently, this part of the assets worth around $2 million has been successfully rescued with the assistance of the related DeFi protocol). This attack was not the traditional "authorization theft" but rather a replacement of the core permission (Owner permission) by the attacker, rendering the victim unable to transfer funds, revoke authorization, or operate DeFi assets despite the funds "appearing normal" but being beyond their control.

The attacker exploited two counterintuitive scenarios to successfully deceive the user into clicking:

1. Usually, when signing a transaction, the wallet would simulate the execution result of the transaction. If there were any fund changes, it would be displayed on the user interface. However, the attacker's carefully crafted transaction showed no fund changes;

2. In the traditional Ethereum EOA account, the ownership is controlled by the private key. Users subjectively were unaware that Solana has a feature that can modify account ownership.

SlowMist reminds users to be vigilant when authorizing signatures and to confirm whether there are hidden operations such as modifying high-risk permissions like Owner in them.

Te puede gustar

Diez personas redefiniendo los límites de energía de Crypto en 2025

De Wall Street a la Casa Blanca, de Silicon Valley a Shenzhen, una nueva red eléctrica está tomando forma.

Los Gigantes de Ethereum Acumulan Monedas: Reflexiones y Predicciones para el Futuro

Key Takeaways En la última semana, grandes inversores han incrementado su posesión de Ethereum (ETH) de forma significativa.…

Fed Q1 2026 Outlook: Potential Bitcoin and Crypto Market Impacts

Key Takeaways Fed pauses on rate cuts could put pressure on the crypto market, but “stealth QE” measures…

Ethereum en 2026: Forks Glamsterdam y Hegota, y escalado de L1

Key Takeaways En 2026, se espera que Ethereum implemente el fork Glamsterdam, mejorando el procesamiento paralelo perfecto y…

Aave governance vote ends in rejection after community feedback

Key Takeaways Aave’s governance proposal to place control of brand assets under DAO ownership was rejected by the…

Ethereum poco probable que alcance nuevos máximos en 2026: análisis de Ben Cowen

Key Takeaways Ben Cowen, analista de criptomonedas, cree que Ethereum probablemente no alcanzará nuevos máximos en 2026 debido…

Blockchains se preparan en silencio para la amenaza cuántica mientras Bitcoin debate el cronograma

Los blockchains altcoin están tomando medidas para protegerse contra los riesgos cuánticos a largo plazo, mientras Bitcoin enfrenta…

Pudgy Penguins lleva personajes NFT a la Esfera de Las Vegas durante Navidad

Puntos Clave Pudgy Penguins presentó animaciones en la Esfera de Las Vegas durante las festividades navideñas, llevando sus…

Vitalik Buterin dice que Grok mantiene a X de Musk más honesto

Key Takeaways: Grok, el chatbot de inteligencia artificial en X, se ha convertido en un recurso clave para…

Aave governance vote ends in rejection after community dissent

Una votación de gobernanza en Aave fue rechazada, reflejando tensiones sobre la captura de valor y la estructura…

Las Blockchain se Preparan en Silencio para la Amenaza Cuántica mientras Bitcoin Debate su Cronograma

Key Takeaways La anticipación de las computadoras cuánticas está moviendo a los blockchains alternativos a adoptar medidas de…

Ethereum Unlikely to Hit New Highs by 2026: Insight from Ben Cowen

Key Takeaways: Crypto analyst Ben Cowen predicts that Ethereum may not reach new highs by 2026, labeling potential…

Narratives versus Reality: What is Behind BTC and Altcoin Prices?

Key Takeaways A 56% rally in Bitcoin followed US election results, highlighting the interplay between narratives and liquidity.…

Ethereum Unlikely to Reach New Highs in 2026: Ben Cowen

Key Takeaways: Analyst Ben Cowen expresses skepticism about Ethereum reaching new highs by 2026, labeling any potential peak…

El token Canton se dispara tras el anuncio de la DTCC sobre la tokenización de Tesorerías

Key Takeaways El token Canton ha experimentado un notable incremento del 27% tras el anuncio de la DTCC…

The Evolution of Cryptocurrency Exchanges in 2025

I’m sorry, but I don’t have access to the specific content of the article you’re referring to. However,…

Former SEC Counsel Explains How to Make Real-World Assets Compliant

Key Takeaways The SEC’s evolving stance on cryptocurrencies is increasingly supporting the growth of tokenized real-world assets (RWAs),…

Blockchains Discreetly Prepare for Quantum Challenge Amid Bitcoin’s Debate

Quantum computing’s potential impact on blockchain security is a growing concern, with altcoins leading preparations. Ethereum emphasizes early…