cryptopolitan.com
تتزايد طرق حقن الروابط الضارة، ويبدو أنها انتشرت حتى إلى دردشة الذكاء الاصطناعي. في هذه الحالة، اقترح روبوت الذكاء الاصطناعي خدمات API احتيالية، مما أدى إلى خسائر في المستخدمين.
اكتشف أحد المستخدمين أن ChatGPT ليس واعيًا بالأمن كما توقع، خاصة فيما يتعلق بروابط التشفير عندما حاولوا إنشاء تطبيق تشفير بسيط، وهو عبارة عن مصد رمزي لـ Pump.fun. كان رابط API الذي قدمه ChatGPT ملوثًا وأدى إلى خسارة فورية.
تم توصيل مصد الرمز المميز بواجهة برمجة التطبيقات المعيبة، والتي انتهت بالمطالبة بالمفتاح الخاص للمحفظة وسحب جميع أصولها. يعد هذا dent بمثابة تذكير في الوقت المناسب بأن أدوات الذكاء الاصطناعي ليست موثوقة تمامًا عندما يتعلق الأمر بأمان Web3.
كن حذرًا مع المعلومات الواردة من OpenAI ! كنت أحاول اليوم كتابة روبوت نتوء لـ https://t.co/cIAVsMwwFk وطلبت من @ChatGPTapp مساعدتي في الكود. لقد حصلت على ما طلبته ولكن لم أتوقع أن يوصيني chatGPT بموقع احتيالي @solana API. لقد خسرت حوالي 2.5 ألف دولار 🧵 pic.twitter.com/HGfGrwo3ir
— r_ocky.eth 🍌 (@r_cky0) 21 نوفمبر 2024
The fake API site has been busy with siphoning SOL from multiple wallets. The destination of the exploiter has already performed 281 transactions. While most of the sums were relatively small, all wallets used were compromised.
Rumors of AI poisoning attacks have been around for a while, but the recent attack is the first complete exploit in the crypto space.
The founder of the SlowMist on-chain security firm corroborated the story, stating that the most probable explanation was that the user was playing around with AI without verifying the code. The end product was a functional bot with a carefully disguised backdoor.
Fake Solana API attacks meme token traders
The exploiter used their API link to steal some of the latest meme tokens and store them in an identified known wallet. The haul included USDC, SOL, in addition to ELIZA, CHILLGIRL, and AI16Z.
The site also acted extremely fast after each connection. It is unknown who else made the call to the fake API site, which made its way into OpenAI’s data. One possible explanation is that ChatGPT accesses Python code from multiple repositories, which can be used to contaminate its available data. In the end, the intent to steal wallet data originates from a human agent. Artificial intelligence is only an amplification tool.
The code created by ChatGPT itself generated a part that asked for the private key. According to ScamSniffer, the exploiters deliberately seeded AI-generated Python code, which users would deploy to snipe new Pump.fun tokens.
Trusting the code was the first mistake, as users were quick to demand Moonshot or Pump.fun trading bots. Some of the repositories are still active, while others have been reported.
There is nothing to stop users from attempting to use the bots. The repositories of one such user, Solanaapisdev, still contain risky trading bots, which may end up draining wallets.
It is uncertain who created the bot, but the rush for meme tokens was enough to make unwitting users fall for these malicious trading bots. The best approach is to avoid using unknown repositories, or at least to review the code to the best of one’s knowledge.
Worse, the flawed APIs were also promoted in a Medium article, leading to a documentation page with the same name as the flawed GitHub repository. The available code is promoted to end users who want to automate the process on Jupiter, Raydium, Pump.fun, and Moonshot.
While some services can limit flawed links, there is little to do when end users have decided to risk their wallets with unverified code.
With more than 69K new meme tokens launched, the need and greed for speedy sniping has laid the foundation for a new type of exploit. OpenAI has not mentioned how ChatGPT was trained to create the risky bot code.
Malicious Zoom link scams also evolve
Another elaborate attack is evolving at the same time as the API exploit. The fake Zoom link that downloads malware has also changed.
The service, previously known as Meeten, is now spreading as Meetio, prompting users to download files. The malware also uses elements of social engineering, such as reaching out to crypto influencers, or known large-scale holders.
Recently, one of the fake Zoom meeting exploits drained an influencer’s wallet, leading to a crash in GIGA token prices.
The advice in each case is to store wallets and private keys on a different device than the one used for riskier connections. For token mints and other connections, the best approach is to use a newly assigned wallet.
A Step-By-Step System To Launching Your Web3 Career and Landing High-Paying Crypto Jobs in 90 Days.