The Coinbase wallet and other decentralized crypto applications (dapps) have been found to be vulnerable to “red pill attacks”, a method that can be used to mask the malicious behavior of smart contracts from security features.

Coinbase is a leading cryptocurrency exchange that offers a crypto wallet app allowing users to store, manage, and interact with a wide range of digital assets that they can purchase on the platform, including Bitcoin tokens, Ethereum and ERC-20.

ZenGo Wallet security researchers have discovered that dapps, including Coinbase Wallet, are vulnerable to a new attack that allows smart contracts to mask malicious behavior during simulated transactions. This tricks the user into believing that a transaction will be safe and allow them to continue, only later learning that the smart contract has stolen their assets.

The vulnerability was disclosed to Coinbase, which has since addressed the reported security issues and awarded ZenGo Wallet several bug bounties for their responsible disclosure.

Attack simulation

Web3 smart contracts are programs that run automatically when a cryptocurrency takes place, providing developers with a wide range of functionality for websites and crypto assets.

For example, smart contracts can be used to automatically send an NFT to someone after receiving a payment, “tax” users for selling an asset too soon after buying it, or automatically writing content to a website depending on the transaction. Basically anything that can be programmed can be executed by the smart contract.

However, threat actors also misuse smart contracts, using them to steal sent crypto or empty a wallet of assets.

These malicious contract signing requests are difficult to distinguish from legitimate requests, making it difficult for cryptocurrency holders to navigate the dangers.

To prevent these attacks, dapp developers have introduced simulated transaction solutions to emulate the signature of a transaction and predict the outcome before the user approves it. The result of these simulations is then presented to the user, allowing him to see what will happen and to decide if he wishes to allow the transaction to continue.

However, as the ZenGo Wallet report points out, some malicious smart contracts can detect when simulated and demonstrate inauthentic behavior to appear benign or profitable to the target, thus tricking the Web3 emulation security system.

Analysts say threat actors could implement “red pills” in malicious contracts to alter their behavior when simulated and steal money from targets when approved in real life.

This attack is carried out by padding variables in a smart contract with “safe” data during simulations, then swapping them with “malicious” data during a live transaction. This would cause a simulation to show that a smart contract is safe during the simulation, but during a live transaction it steals users’ crypto.

“The “COINBASE” statement contains the address of the current block miner. Since during the simulation there is no actual block and therefore no miner, some simulation implementations simply set it to the address null (all addresses of zeros)”, explains The ZenGo report.

“Therefore, a malicious smart contract can weaponize this red pill ‘COINBASE’ as follows: ask users to send native coins to the contract, if COINBASE is zero (meaning simulation in Polygon), the contract will return coins in return, thus making the transaction potentially profitable for the user when his wallet simulates it.

“However, when the user actually sends the on-chain transaction, COINBASE is actually populated with the non-null address of the current miner and the contract only takes the coins sent.”

The researchers also released the following video to demonstrate this attack.

Note that the simulation indicates that the user will get 0.016 WETH ($30) if they approve the transaction request. However, they get nothing back when performing the live transaction.

Impact

By exploring these “red pill attack” scenarios, ZenGo Wallet found six cryptocurrency wallet dapps vulnerable to exploitation.

These are Coinbase Wallet, Rabby Wallet, Blowfish, PocketUniverse, Fire Extension, and an unnamed extension that has yet to fix the issue.

All of the other providers mentioned above implemented fixes to their transaction simulation shortly after receiving the report from ZenGo Wallet.

The solution to this attack is to stop using arbitrary values ​​for vulnerable variables, preventing their use as “red pills” in malicious contracts.