The recent $ 5 million + blockchain hack from Solana made headlines in the crypto media. During the hack, some so-called “white hat hackers” joined the fight and helped slow this attack.
Mobilize white hats to limit damage
it’s about attack Slope mobile wallets what the pirates could steal more than 5 million dollars. To do this, they managed to recover many private keys that gave them access to the funds. As we reminded you in our article, this hack will affect from 5 to 8000 wallets.
Many developers gathered in the early hours of this attack Try to better understand the ongoing attack And how You can limit the damage. One of these developers Sol BlazeSo the founder of the staking pool, Solana, came up with an interesting solution to thwart hackers as much as possible.
The principle is as follows: Use a script to register a block hacker accounts that would allow it to slow down their transactions. On the Solana blockchain, any transaction that changes an account, e.g. B. change in account balance, set a write lock for this account for a short period.
The developer took advantage of this. As Michael Hubbard, founder and CEO of Laine, Solana validator, puts it:
The developer thought he could permanently activate a write lock on the hacker’s accounts. This prevents the successful completion of transactions.
View of Save time and significantly reduce damage pirate / I. This script has been used by many white hats, ethical hackers who come to the rescue of protocols or blockchains that are under attack. This is how white hat hackers allowed Nomad Bridge to contain the damage from their latest hack, at least according to SolBlaze. 5-10 white hats helped slow the theft.
There are results. However, according to SolBlaze, only 300 wallets were affected by money theft in the hour when the white hatsrammed the hackers with this script. This number was Before that, more than 2000 per hour. A notable difference that has certainly saved a lot of money in combat.
Script that works but causes other problems
While this solution is effective, it is also effective caused a problem with the size. Indeed, RPC serverwhose role is, in particular, facilitate network traffic, collapsed. However, according to Michael Hubbard, it was more bad game who discovered the mistake, only of his own free will.
PLEASE NO DDOS RPC SERVER! THIS IS JUST MORE DIFFICULT FOR SOLANA AND DEVELOPERS DIAGNOSING THE PROBLEM.
– SolBlaze.org | Come aboard with us! (@solblaze_org) August 3, 2022
This error caused some RPC servers to work Difficult access to the Solana blockchain and has in particular Users are prevented from transferring and protecting their funds. Likewise, it has slowed down the work of developers and security professionals trying to understand the source of the attack to better stop it. Solblaze summarizes the problems caused by this script and its intense spamming:
It was difficult to use Explorer to track an attacker’s transactions and it was also difficult for people to move their funds from their wallets to a safer place.
These fears were not justified arousing mockery, especially on Twitter due to multiple disruptions to the Solana blockchain over the past few months. True, the stability of one of the largest capitalizations raises questions. How can you trust a technological solution that it breaks so often ask many crypto-ecosystem analysts.
Eventually the RPC servers received a fix and were able to resume normal operation. The Solana Foundation teams continued their research and shed light on the role of the Slope wallet, which we talked about this morning in our article on this hack.
Finally, apart from the shortcomings of Solana, this case highlights the fundamental role of the white hat in the cryptocurrency ecosystem. Thanks to this scenario, and despite the anxiety it may have caused, we can think so. Many users have avoided having their funds stolen. These ethical hackers, true cybersecurity experts, have once again made it possible to significantly limit the extent of the damage. These hackers, often spotted and depicted in cartoons, prove it. The profession is not contrary to the common good !
To learn more about the other hack of the week, the Nomad Bridge hack, check out our article here.