SolPhishHunter: Towards Detecting and Understanding Phishing on Solana

• URL: http://arxiv.org/abs/2505.04094v1
• Date: Wed, 07 May 2025 03:16:58 GMT
• Title: SolPhishHunter: Towards Detecting and Understanding Phishing on Solana
• Authors: Ziwei Li, Zigui Jiang, Ming Fang, Jiaxin Chen, Zhiying Wu, Jiajing Wu, Lun Zhang, Zibin Zheng,
• Abstract summary: We define three types of SolPhish and develop a detection tool called SolPhishHunter.<n>We detect a total of 8,058 instances of SolPhish and conduct an empirical analysis of these detected cases.<n>The detected SolPhish transactions have resulted in nearly $1.1 million in losses for victims.
• Score: 35.84010295438116
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Solana is a rapidly evolving blockchain platform that has attracted an increasing number of users. However, this growth has also drawn the attention of malicious actors, with some phishers extending their reach into the Solana ecosystem. Unlike platforms such as Ethereum, Solana has distinct designs of accounts and transactions, leading to the emergence of new types of phishing transactions that we term SolPhish. We define three types of SolPhish and develop a detection tool called SolPhishHunter. Utilizing SolPhishHunter, we detect a total of 8,058 instances of SolPhish and conduct an empirical analysis of these detected cases. Our analysis explores the distribution and impact of SolPhish, the characteristics of the phishers, and the relationships among phishing gangs. Particularly, the detected SolPhish transactions have resulted in nearly \$1.1 million in losses for victims. We report our detection results to the community and construct SolPhishDataset, the \emph{first} Solana phishing-related dataset in academia.

Related papers

• PiMRef: Detecting and Explaining Ever-evolving Spear Phishing Emails with Knowledge Base Invariants [15.892817656568063]
  Phishing emails are a critical component of the cybercrime kill chain due to their wide reach and low cost.<n>We propose PiMRef, the first reference-based phishing email detector that leverages knowledge-based invariants.<n>In a real-world evaluation of 10,183 emails across five university accounts over three years, PiMRef achieved 92.1% precision, 87.9% recall, and a median runtime of 0.05s.
  arXiv  Detail & Related papers  (2025-07-21T08:53:41Z)
• SolRPDS: A Dataset for Analyzing Rug Pulls in Solana Decentralized Finance [0.6367946001576646]
  Rug pulls in Solana have caused significant damage to users interacting with Decentralized Finance (DeFi)<n>A rug pull occurs when developers exploit users' trust and drain liquidity from token pools on Decentralized Exchanges (DEXs)<n>We introduce SolRPDS, the first public rug pull dataset derived from Solana's transactions.
  arXiv  Detail & Related papers  (2025-04-06T11:36:48Z)
• Detecting Malicious Accounts in Web3 through Transaction Graph [5.860182743283932]
  ScamSweeper is a novel framework to identify web3 scams on a large-scale transaction dataset. Our experiments indicate that ScamSweeper exceeds the state-of-the-art in detecting web3 scams.
  arXiv  Detail & Related papers  (2024-10-28T03:56:22Z)
• BlockFound: Customized blockchain foundation model for anomaly detection [47.04595143348698]
  BlockFound is a customized foundation model for anomaly blockchain transaction detection. We introduce a series of customized designs to model the unique data structure of blockchain transactions. BlockFound is the only method that successfully detects anomalous transactions on Solana with high accuracy.
  arXiv  Detail & Related papers  (2024-10-05T05:11:34Z)
• Eyes on the Phish(er): Towards Understanding Users' Email Processing Pattern and Mental Models in Phishing Detection [0.4543820534430522]
  This study examines how workload affects susceptibility to phishing. We use eye-tracking technology to observe participants' reading patterns and interactions with phishing emails. Our results provide concrete evidence that attention to the email sender can reduce phishing susceptibility.
  arXiv  Detail & Related papers  (2024-09-12T02:57:49Z)
• Dissecting Payload-based Transaction Phishing on Ethereum [13.398858969125495]
  payload-based transaction phishing (PTXPHISH) manipulates smart contract interactions through the execution of malicious payloads to deceive users. PTXPHISH has rapidly emerged as a significant threat, leading to incidents that caused losses exceeding $70 million in 2023 reports. We establish the first ground-truth PTXPHISH dataset, consisting of 5,000 phishing transactions. We propose a rule-based multi-dimensional detection approach to identify PTXPHISH, achieving over 99% accuracy in the ground-truth dataset.
  arXiv  Detail & Related papers  (2024-09-04T02:26:59Z)
• Identifying key players in dark web marketplaces [58.720142291102135]
  This paper aims to identify the key players in Bitcoin transaction networks linked to dark markets. We show that a large fraction of the traded volume is concentrated in a small group of elite market participants. Our findings suggest that understanding the behavior of key players in dark web marketplaces is critical to effectively disrupting illegal activities.
  arXiv  Detail & Related papers  (2023-06-15T20:30:43Z)
• An Empirical Investigation of Personalization Factors on TikTok [77.34726150561087]
  Despite the importance of TikTok's algorithm to the platform's success and content distribution, little work has been done on the empirical analysis of the algorithm. Using a sock-puppet audit methodology with a custom algorithm developed by us, we tested and analysed the effect of the language and location used to access TikTok. We identify that the follow-feature has the strongest influence, followed by the like-feature and video view rate.
  arXiv  Detail & Related papers  (2022-01-28T17:40:00Z)
• E-Commerce Dispute Resolution Prediction [69.84319333335935]
  We take a first step towards automatically assisting human agents in dispute resolution at scale. We construct a large dataset of disputes from the eBay online marketplace, and identify several interesting behavioral and linguistic patterns. We then train classifiers to predict dispute outcomes with high accuracy.
  arXiv  Detail & Related papers  (2021-10-13T09:45:06Z)
• DFraud3- Multi-Component Fraud Detection freeof Cold-start [50.779498955162644]
  The Cold-start is a significant problem referring to the failure of a detection system to recognize the authenticity of a new user. In this paper, we model a review system as a Heterogeneous InformationNetwork (HIN) which enables a unique representation to every component. HIN with graph induction helps to address the camouflage issue (fraudsterswith genuine reviews) which has shown to be more severe when it is coupled with cold-start, i.e., new fraudsters with genuine first reviews.
  arXiv  Detail & Related papers  (2020-06-10T08:20:13Z)
• Phishing and Spear Phishing: examples in Cyber Espionage and techniques to protect against them [91.3755431537592]
  Phishing attacks have become the most used technique in the online scams, initiating more than 91% of cyberattacks, from 2012 onwards. This study reviews how Phishing and Spear Phishing attacks are carried out by the phishers, through 5 steps which magnify the outcome.
  arXiv  Detail & Related papers  (2020-05-31T18:10:09Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.