用戶Solana錢包在首例 AI 中毒攻擊中被利用
注入惡意鏈接的方法正在增加,甚至似乎已經蔓延到人工智能聊天領域。本案中,AI機器人提出了詐騙API服務,導致用戶流失。
用戶發現 ChatGPT 並不像他們預期的那樣具有安全意識,尤其是當他們嘗試創建一個簡單的加密應用程序(Pump.fun 的代幣保險槓)時,尤其是在加密鏈接方面。 ChatGPT 提供的 API 鏈接被污染並導致立即損失。
代幣保險槓連接到有缺陷的 API,最終要求錢包的私鑰並吸走其所有資產。這一dent及時提醒我們,在 Web3 安全方面,人工智能工具並不完全可靠。
請小心來自@OpenAI的信息!今天,我試圖爲https://t.co/cIAVsMwwFk編寫一個碰撞機器人,並請求@ChatGPTapp幫助我編寫代碼。我得到了我的要求,但沒想到 chatGPT 會向我推薦一個騙局@solana API 網站。我損失了大約 2500 美元🧵 pic.twitter.com/HGfGrwo3ir
— r_ocky.eth 🍌 (@r_cky0) 2024 年 11 月 21 日
The fake API site has been busy with siphoning SOL from multiple wallets. The destination of the exploiter has already performed 281 transactions. While most of the sums were relatively small, all wallets used were compromised.
Rumors of AI poisoning attacks have been around for a while, but the recent attack is the first complete exploit in the crypto space.
The founder of the SlowMist on-chain security firm corroborated the story, stating that the most probable explanation was that the user was playing around with AI without verifying the code. The end product was a functional bot with a carefully disguised backdoor.
Fake Solana API attacks meme token traders
The exploiter used their API link to steal some of the latest meme tokens and store them in an identified known wallet. The haul included USDC, SOL, in addition to ELIZA, CHILLGIRL, and AI16Z.
The site also acted extremely fast after each connection. It is unknown who else made the call to the fake API site, which made its way into OpenAI’s data. One possible explanation is that ChatGPT accesses Python code from multiple repositories, which can be used to contaminate its available data. In the end, the intent to steal wallet data originates from a human agent. Artificial intelligence is only an amplification tool.
The code created by ChatGPT itself generated a part that asked for the private key. According to ScamSniffer, the exploiters deliberately seeded AI-generated Python code, which users would deploy to snipe new Pump.fun tokens.
Trusting the code was the first mistake, as users were quick to demand Moonshot or Pump.fun trading bots. Some of the repositories are still active, while others have been reported.
There is nothing to stop users from attempting to use the bots. The repositories of one such user, Solanaapisdev, still contain risky trading bots, which may end up draining wallets.
It is uncertain who created the bot, but the rush for meme tokens was enough to make unwitting users fall for these malicious trading bots. The best approach is to avoid using unknown repositories, or at least to review the code to the best of one’s knowledge.
Worse, the flawed APIs were also promoted in a Medium article, leading to a documentation page with the same name as the flawed GitHub repository. The available code is promoted to end users who want to automate the process on Jupiter, Raydium, Pump.fun, and Moonshot.
While some services can limit flawed links, there is little to do when end users have decided to risk their wallets with unverified code.
With more than 69K new meme tokens launched, the need and greed for speedy sniping has laid the foundation for a new type of exploit. OpenAI has not mentioned how ChatGPT was trained to create the risky bot code.
Malicious Zoom link scams also evolve
Another elaborate attack is evolving at the same time as the API exploit. The fake Zoom link that downloads malware has also changed.
The service, previously known as Meeten, is now spreading as Meetio, prompting users to download files. The malware also uses elements of social engineering, such as reaching out to crypto influencers, or known large-scale holders.
Recently, one of the fake Zoom meeting exploits drained an influencer’s wallet, leading to a crash in GIGA token prices.
The advice in each case is to store wallets and private keys on a different device than the one used for riskier connections. For token mints and other connections, the best approach is to use a newly assigned wallet.
From Zero to Web3 Pro: Your 90-Day Career Launch Plan
推薦文章
