Backpack Wallet, Blockaid prevent $26.6M loss from DeFi attacks on Solana

Backpack Wallet and Blockaid identified over 71,000 malicious transactions on Solana, avoiding $26.6 million in potential losses between June and September 2024.
Backpack Wallet and Blockaid identified over 71,000 malicious transactions on Solana, avoiding $26.6 million in potential losses between June and September 2024.

Backpack Wallet has identified malicious actors targeting more than 5% of its users engaging with the Solana network. Over 71,000 malicious transactions were detected between June and September 2024, avoiding $26.6 million in potential losses for users.

The transactions were identified through a partnership with security firm Blockaid, which scanned over 180 million transactions from Backpack’s users on Solana during the period.

“Our stats reflect the threats to end-users, meaning that these refer to malicious DApps, scam transactions and harmful contracts,” Blockaid CEO Ido Ben-Natan told Cointelegraph.

According to Ben-Natan, users on the Solana ecosystem are being disproportionately targeted by scammers and attackers — mostly due to the growing activity of memecoin traders. “A lot of these attacks are usually coming from the same actors that populate the EVM [Ethereum Virtual Machine] threat landscape,” he said. The CEO added:

“As EVM-based networks are more mature, the security measurements in the EVM ecosystem are much more effective, and attackers reported that they are unable to get users as easily as before. This is why they’ve targeted Solana.”

Still, malicious actors continue profiting millions of dollars from attacks. One of the common threats faced by users of crypto wallets across blockchain networks is phishing attacks, in which scammers lure investors into linking wallets to fraudulent services.

In September alone, approximately $46 million was stolen from 10,800 investors via phishing scams, amounting to a loss of $127 million over the third quarter of 2024. According to Web3 security firm Scam Sniffer, the biggest victim lost $32.43 million in Spark Wrapped Ethereum (spWETH) during an attack using a permit phishing signature.

Related: Decentraland X account hacked, phishing scam targets MANA airdrop

With Solana’s security catching up to tools used by the Ethereum ecosystem, attackers will likely turn to alternative chains. “We are already seeing this happening in practice, with groups like Angel moving to target Tron and TON, among others,” Ben-Natan explained.  

For crypto users, the solution goes beyond simply avoiding phishing attacks. According to the Ben-Natan, users should not be expected to fight scammers. “Attackers are always moving forward, always looking for an in, and it only takes one incident for a user to lose everything,” noted the CEO, adding: 

“Rather than advising users on how to avoid scams, the industry should focus on making sure that users are protected.”

According to CertiK, overall losses from crypto hacks over the last quarter topped $753 million across 155 incidents.

Magazine: Bankroll Network DeFi hacked, $50M phisher moves crypto on CoW: Crypto-Sec