The developers of ZenGo, a crypto wallet, recently published a blog post revealing security flaws in transaction simulation solutions employed by well-known decentralized applications (dApps).
Details About The ‘Red Pill Attack’
The vulnerability, known as the “red pill attack,” enabled malicious dApps to pilfer user assets by exploiting unclear transaction approvals sent to users. Some users end up authorizing such requests without clearly understanding what they mean.
This vulnerability got its name from the famous “red pill” scene in the movie franchise, The Matrix. Additionally, the blog post said:
“Malware can deceive anti-malware solutions by behaving harmlessly when it detects that it is running in a simulated environment or a “matrix.” As a result, it may only reveal its true malicious intent when executed in an actual environment.”
ZenGo’s investigation showed that numerous prominent vendors, such as Coinbase Wallet, were susceptible to these attacks at some point. ZenGo stated that the vendors were receptive to its reports and that many promptly rectified their faulty implementations.
Furthermore, the security firm noted that the vulnerability arises from a programming error in the handling of “Special Variables.” These are variables available to smart contracts that store essential information about the blockchain’s functionality, such as the current block’s timestamp.
According to ZenGo, there is no accurate value for Special Variables during simulations, and developers often take a shorter route and assign them an arbitrary value.
ZenGo Developers Illustrate How The Attack Occurs
In a video presentation, ZenGo developers exhibited how exploiting this method could compromise a smart contract simulation on the Polygon network. The simulation prompts users to transfer native coins in return for another asset.
However, when the user executes the transaction on-chain, the COINBASE special variable holds the current miner’s non-zero address, and the contract accepts the transferred coins. According to ZenGo, rectifying the vulnerability was uncomplicated.
Instead of assigning random values to the vulnerable variables, simulations should assign meaningful values to them. ZenGo provided blurred screenshots of bug bounties, reportedly received from Coinbase for resolving the problem.
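A toy Python model of the simulation fix described above, added here as an illustration and not taken from ZenGo's or any wallet's code. It assumes a naive simulator leaves COINBASE at the zero address and the timestamp at 0; the contract functions, block values and the divergence check (which goes one step beyond the fix the article names) are all constructed.

```python
from dataclasses import dataclass

ZERO_ADDRESS = "0x" + "00" * 20  # assumed placeholder a naive simulator leaves in COINBASE

@dataclass(frozen=True)
class BlockContext:
    """Special Variables visible to a contract while it executes."""
    coinbase: str   # address of the current block's miner
    timestamp: int  # current block's timestamp

def contract_under_review(ctx: BlockContext, value: int) -> dict:
    """Constructed toy contract: returns the user's balance changes.
    Its result depends on a Special Variable, as in the demo described above."""
    if ctx.coinbase == ZERO_ADDRESS:
        return {"native": -value, "other_asset": 1}
    return {"native": -value}

def well_behaved_contract(ctx: BlockContext, value: int) -> dict:
    """Constructed toy contract that ignores the Special Variables."""
    return {"native": -value, "other_asset": 1}

def preview(contract, value: int, ctx: BlockContext) -> dict:
    """What the wallet would show the user for this simulation context."""
    return contract(ctx, value)

def context_from_latest_block(latest: dict) -> BlockContext:
    """Meaningful values: reuse the latest block's miner, move the timestamp forward."""
    return BlockContext(coinbase=latest["miner"], timestamp=latest["timestamp"] + 1)

def environment_sensitive(contract, value: int, latest: dict) -> bool:
    """True when the preview changes between placeholder and meaningful values."""
    naive = BlockContext(coinbase=ZERO_ADDRESS, timestamp=0)
    realistic = context_from_latest_block(latest)
    return preview(contract, value, naive) != preview(contract, value, realistic)

# Constructed sample of latest-block header fields (not real chain data).
LATEST_BLOCK = {"miner": "0x" + "ab" * 20, "timestamp": 1_700_000_000}

if __name__ == "__main__":
    realistic = context_from_latest_block(LATEST_BLOCK)
    print(preview(contract_under_review, 100, realistic))  # the preview the user should see
    print(environment_sensitive(contract_under_review, 100, LATEST_BLOCK))
    print(environment_sensitive(well_behaved_contract, 100, LATEST_BLOCK))
```

A preview that changes with the simulation context is a reason for the wallet to warn the user or refuse to display the optimistic result.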
Last month, ZenGo Wallet was awarded a grant by the Ethereum Foundation for conducting Web3 security research. The $50,000 grant is for the firm to research the security of Ethereum Transaction simulation.
Over the years, dApps have been susceptible to security vulnerabilities, which have led to various risks, such as theft of digital assets, manipulation of transactions, and unauthorized access to user data.
Due to the open-source nature of dApps, malicious actors can exploit vulnerabilities in their code to carry out attacks. Hence, security agencies have advised such platforms to audit their code regularly.