Skip to content

New Solana Drainers Detected: Blowfish Analysis

Blowfish identifies two new Solana drainers capable of executing bit-flip attacks, raising concerns about security vulnerabilities in the ecosystem. The emergence of these threats underscores the ongoing battle against crypto scams.

Blowfish, a web3 security firm, has identified two new Solana drainers capable of performing bit-flip attacks, as revealed in a Feb. 9 analysis shared on X. Dubbed 'Aqua' and 'Vanish,' these drainers have been observed modifying conditionals within on-chain data, even after users have signed transactions with their private keys.

Scam-as-a-Service Marketplaces

The scripts for these drainers are available for a fee on scam-as-a-service marketplaces, allowing malicious actors to exploit vulnerabilities in the Solana ecosystem. Blowfish's analysis highlights the method used by these drainers to flip data and siphon funds, emphasizing the ease with which they can evade detection.

Bit-Flip Attacks Explained

Bit-flip attacks involve altering the value of certain bits in encrypted data to manipulate a system. This exploitation technique enables attackers to modify encrypted messages without knowledge of the encryption key, potentially leading to unauthorized access or theft of sensitive information.

Rising Threat in Solana Ecosystem

The Solana ecosystem has seen a surge in crypto drainers targeting users' assets. Chainalysis reports a significant increase in the number of communities dedicated to Solana wallet drainers, indicating the growing sophistication of these attacks. Brian Carter, a senior intelligence analyst at Chainalysis, underscores the versatility of the most successful drainer kits in targeting various assets.

Blowfish's Response

Blowfish has taken proactive measures to counter these new threats, implementing defenses to automatically block the identified drainers and actively monitoring on-chain activity. Their efforts aim to protect users and maintain the integrity of the Solana network amidst evolving security challenges.


The emergence of new Solana drainers underscores the ongoing battle against malicious actors in the crypto space. As the threat landscape evolves, collaboration between security firms, blockchain projects, and regulatory authorities becomes increasingly vital to safeguarding users and preserving trust in decentralized ecosystems.