Web 3.0 Wallet Attack - SeaFlower
Hello friends, as you know currency is central to Web 3.0 while the workflows and Wallets are essential to protect what is yours!
Who discovered it? Confiant, a security firm that protects against bad actors in online advertising, uncovered a set of malicious activities it has labeled “SeaFlower,” that target Web3 wallet users.
When - this activity was discovered by Confiant in March '22, however, I am just now reading about it this week.
What is it? A very sophisticated Web 3.0 attack has been found on Android and iPhone Apps, it is now known as SeaFlower.
-
the app installs a backdoor that steals Wallet Keys.
- Provisioning profiles, to bypass iOS security controls requiring App store control designed to protect you
- Apple has since removed those provisioning profiles, but you know hackers are quick to find another way
- Signing infrastructure,
- App provisioning infrastructure hosted in the Chinese IP address space and the Hong Kong IP address spaces
- Additionally, to the domains registered with .cn
What else to consider? Crypto Bridges are weak links in the sense their intrinsic value creates motivation for bad actors (hackers) to target these points within the blockchain networks where value is concentrated.
Summary - you always have to have your guard up as Hackers are relentless and this hack is super sophisticated; you need to be as well. You must understand how your apps work daily and what is outside the normal operating environment. Yeah, this is brutal, so much to know and understand, that is our complex world!!!