用户Solana钱包在首例 AI 中毒攻击中被利用
注入恶意链接的方法正在增加,甚至似乎已经蔓延到人工智能聊天领域。本案中,AI机器人提出了诈骗API服务,导致用户流失。
用户发现 ChatGPT 并不像他们预期的那样具有安全意识,尤其是当他们尝试创建一个简单的加密应用程序(Pump.fun 的代币保险杠)时,尤其是在加密链接方面。 ChatGPT 提供的 API 链接被污染并导致立即损失。
代币保险杠连接到有缺陷的 API,最终要求钱包的私钥并吸走其所有资产。这一dent及时提醒我们,在 Web3 安全方面,人工智能工具并不完全可靠。
请小心来自@OpenAI的信息!今天,我试图为https://t.co/cIAVsMwwFk编写一个碰撞机器人,并请求@ChatGPTapp帮助我编写代码。我得到了我的要求,但没想到 chatGPT 会向我推荐一个骗局@solana API 网站。我损失了大约 2500 美元🧵 pic.twitter.com/HGfGrwo3ir
— r_ocky.eth 🍌 (@r_cky0) 2024 年 11 月 21 日
The fake API site has been busy with siphoning SOL from multiple wallets. The destination of the exploiter has already performed 281 transactions. While most of the sums were relatively small, all wallets used were compromised.
Rumors of AI poisoning attacks have been around for a while, but the recent attack is the first complete exploit in the crypto space.
The founder of the SlowMist on-chain security firm corroborated the story, stating that the most probable explanation was that the user was playing around with AI without verifying the code. The end product was a functional bot with a carefully disguised backdoor.
Fake Solana API attacks meme token traders
The exploiter used their API link to steal some of the latest meme tokens and store them in an identified known wallet. The haul included USDC, SOL, in addition to ELIZA, CHILLGIRL, and AI16Z.
The site also acted extremely fast after each connection. It is unknown who else made the call to the fake API site, which made its way into OpenAI’s data. One possible explanation is that ChatGPT accesses Python code from multiple repositories, which can be used to contaminate its available data. In the end, the intent to steal wallet data originates from a human agent. Artificial intelligence is only an amplification tool.
The code created by ChatGPT itself generated a part that asked for the private key. According to ScamSniffer, the exploiters deliberately seeded AI-generated Python code, which users would deploy to snipe new Pump.fun tokens.
Trusting the code was the first mistake, as users were quick to demand Moonshot or Pump.fun trading bots. Some of the repositories are still active, while others have been reported.
There is nothing to stop users from attempting to use the bots. The repositories of one such user, Solanaapisdev, still contain risky trading bots, which may end up draining wallets.
It is uncertain who created the bot, but the rush for meme tokens was enough to make unwitting users fall for these malicious trading bots. The best approach is to avoid using unknown repositories, or at least to review the code to the best of one’s knowledge.
Worse, the flawed APIs were also promoted in a Medium article, leading to a documentation page with the same name as the flawed GitHub repository. The available code is promoted to end users who want to automate the process on Jupiter, Raydium, Pump.fun, and Moonshot.
While some services can limit flawed links, there is little to do when end users have decided to risk their wallets with unverified code.
With more than 69K new meme tokens launched, the need and greed for speedy sniping has laid the foundation for a new type of exploit. OpenAI has not mentioned how ChatGPT was trained to create the risky bot code.
Malicious Zoom link scams also evolve
Another elaborate attack is evolving at the same time as the API exploit. The fake Zoom link that downloads malware has also changed.
The service, previously known as Meeten, is now spreading as Meetio, prompting users to download files. The malware also uses elements of social engineering, such as reaching out to crypto influencers, or known large-scale holders.
Recently, one of the fake Zoom meeting exploits drained an influencer’s wallet, leading to a crash in GIGA token prices.
The advice in each case is to store wallets and private keys on a different device than the one used for riskier connections. For token mints and other connections, the best approach is to use a newly assigned wallet.
From Zero to Web3 Pro: Your 90-Day Career Launch Plan
推荐文章
