Scam Sniffer：多数Solana钱包攻击者会使用第三方域名绕过钱包黑名单

Blockbeats

09 Dec 2024

BlockBeats 消息，12 月 9 日，Web3 安全团队 Scam Sniffer 在 X 上发文称，大多数 Solana 钱包盗币程序会积极使用第三方域名来绕过钱包黑名单。（比如注册已过期的 DAPP 域名，现在则利用 XSS 漏洞。）

如果用户看到 DAPP 弹出第二个窗口（或重定向）要求用户在另一个窗口中进行连接，请仔细检查其是否安全。

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

1
2
3
4
5
6
7
8
9
10

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2490979615"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2490979615\",edition:\"fundamental\",,,undefined,":{"share":"https://ttm.financial/m/news/2490979615?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2024-12-09 11:13","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2490979615","market":"us","top_or_hot":-1,"title":"Scam Sniffer：多数Solana钱包攻击者会使用第三方域名绕过钱包黑名单","media":"Blockbeats","content":"<html><body><div><p>BlockBeats 消息，12 月 9 日，Web3 安全团队 Scam Sniffer 在 X 上发文称，大多数 Solana 钱包盗币程序会积极使用第三方域名来绕过钱包黑名单。（比如注册已过期的 DAPP 域名，现在则利用 XSS 漏洞。）</p><p>如果用户看到 DAPP 弹出第二个窗口（或重定向）要求用户在另一个窗口中进行连接，请仔细检查其是否安全。</p></div></body></html>","source":"theblockbeats_zh_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>Scam Sniffer：多数Solana钱包攻击者会使用第三方域名绕过钱包黑名单</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nScam Sniffer：多数Solana钱包攻击者会使用第三方域名绕过钱包黑名单\n</h2>\n\n<h4 class=\"meta\">\n\n\n2024-12-09 11:13 北京时间&nbsp;&nbsp;&nbsp;<a href=https://www.theblockbeats.info//flash/273511><strong>Blockbeats</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>BlockBeats 消息，12 月 9 日，Web3 安全团队 Scam Sniffer 在 X 上发文称，大多数 Solana 钱包盗币程序会积极使用第三方域名来绕过钱包黑名单。（比如注册已过期的 DAPP 域名，现在则利用 XSS 漏洞。）如果用户看到 DAPP 弹出第二个窗口（或重定向）要求用户在另一个窗口中进行连接，请仔细检查其是否安全。</p>\n\n<a href=\"https://www.theblockbeats.info//flash/273511\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"DAPP","symbol_name":"VanEck Digital Transformation ETF","start_time":0,"source_url":"https://www.theblockbeats.info//flash/273511","article_id":"2490979615","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2490979615","pubTimestamp":1733713980,"columns":[],"sourceInfo":{"source_id":"theblockbeats_zh_live","name":"blockbeat"},"weMediaInfo":null,"summary":"BlockBeats 消息，12 月 9 日，Web3 安全团队 Scam Sniffer 在 X 上发文称，大多数 Solana 钱包盗币程序会积极使用第三方域名来绕过钱包黑名单。（比如注册已过期的","collect":0,"end_time":0,"defaultTopTitle":"theblockbeats.info","property":[],"viewcount":null,"language":"zh","relate_stocks":{"DAPP":"VanEck Digital Transformation ETF"},"translate_title":"Scam Sniffer: Most Solana wallet attackers use third-party domains to bypass wallet blacklists","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"DAPP":1},"content_text":"BlockBeats 消息，12 月 9 日，Web3 安全团队 Scam Sniffer 在 X 上发文称，大多数 Solana 钱包盗币程序会积极使用第三方域名来绕过钱包黑名单。（比如注册已过期的 DAPP 域名，现在则利用 XSS 漏洞。）如果用户看到 DAPP 弹出第二个窗口（或重定向）要求用户在另一个窗口中进行连接，请仔细检查其是否安全。","kind":"live","is_publish_news":false,"is_publish_highlight":false,"is_publish_live":true,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"code":"91000000","status":"200"}}}