Cybersecurity experts AMLBot said that unlike typical hacks of crypto wallets, these hackers did not seek to immediately withdraw all the funds of their victims, but set themselves the goal of seizing control of the wallets while remaining undetected by users.
Then they blocked all outgoing transactions, which also remained unobvious to the victims of the attack, since the operations of replenishing the crypto wallet took place as usual. Thus, the injured party continued to “enrich the hackers”, but was actually deprived of access to its funds.
The vector of the hacker attack was aimed at compromising the UpdateAccountPermission function of Tron wallets, which was supposed to improve account security by allowing crypto account holders to assign certain roles to keys, set weights and thresholds for approving transactions. During the attack, the hackers managed to implicitly add their key to the account and configure it to block outgoing transactions.
“Tron wallets do not have any notification or information that someone has added another key to your wallet. There is absolutely no indication that your wallet has disappeared until you send an outgoing transaction yourself,” AMLBot representatives said.
It is impossible for attackers to use the UpdateAccountPermission function without access to the private key and, therefore, the victims’ wallets were vulnerable due to inadequate security measures when the account user himself compromised the private key, experts explained.
Earlier, journalists from BleepingComputer reported that users of Ledger hardware wallets were subjected to a phishing attack aimed at stealing private keys and recovery phrases.
Source: Bits
I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.
