Best Way to Explain Address Poisoning Attacks: What They Are and How to Stay Safe
Address Poisoning don’t allow an attack on your address ruin your day! Keep your funds secure from this latest nefarious cryptocurrency fraud!
In early 2023, a new sort of bitcoin attack emerged, simply known as “address poisoning.” The attack’s premise is straightforward: utilize transactions designed to deceive the target into sending funds to the attacker’s address.
The attack was originally detected in December 2022, but its frequency has since increased substantially, with an estimated $5 to $10 million lost to the fraud – a figure that is still climbing to this day.
At least $2.8 million has been stolen from BNB Chain users, the vast bulk of which is in USD Coin (USDC) or Tether (USDT). The attack has now affected at least 1,000 unique users.
The majority of significant blockchains are presently being utilized to
Execute the attack. Address poisoning campaigns have targeted tens of millions of active addresses to date.
This scam is carried out in a variety of ways. We’ll go over two of the most popular ones here.
Method 1: Creating Fake Contracts
In the first case, the attacker constructs a smart contract that transfers tokens with zero amounts to a similar address to the victim’s address. When the victim first observes this transaction, they may not pay much attention to it.
However, the victim may mistakenly copy the phishing address from the transaction history on Etherscan or their wallet app instead of the intended recipient address the next time they try to make a valid transfer. As a result of this error, the victim transfers their cryptocurrency to the attacker’s address.
This address is intended to be identical to the victim’s, with the first (and often last) few characters matching exactly. For the sake of brevity, wallets and explorers often display only these characters. As a result,
Most people just know their wallet’s first and last few characters.
In some variants of this scam, the attacker creates a bogus token contract and transfers a large sum of the token to the target. This is typically a forgery of a popular token, such as USDT or USDC. The attacker can then execute a transaction that invokes the transferFrom function of this token contract to make it appear that the target address sends 0 tokens to the recipient (the attacker’s address).
This is done to maximize the likelihood that the victim will copy the last receiver’s address, believing that they have already transacted with this address.
Although some block explorers now hide these transactions by default, many still do. These transactions will still be visible in in-app transaction logs and explorers.
Method 2 Breadcrumbing
The attacker establishes a vanity address that is remarkably close to the victim’s address in the second case. They then transmit extremely modest sums of cryptocurrency to the victim’s address in the hope that the victim would check the balance on a block explorer and notice the attacker’s address in the transaction history.
When you notice a transaction for a token you frequently interact with in your transaction history, the attacker hopes you will copy the recipient address (thinking it is your own) and then send funds to that address.
Sending a tiny amount of money to thousands of wallets can be costly, as you might think. Attackers have spent millions of dollars in transaction fees just to carry out assaults on the Ethereum network.Because the transactions appear legal and may not raise any alarms, these attacks can be difficult to detect. Victims can protect themselves by constantly double-checking the address of the recipient before sending any cryptocurrency.
How Can You Avoid Address Poisoning Attacks?
inevitably, there is little you can do to avoid being the target of an address poisoning assault. The attackers typically target someone who transacts frequently and/or sends or gets substantial sums of money.
If you become a victim of an address poisoning attack, your best line of action is to simply empower yourself with knowledge of how they function so that you do not become a victim of one. Then, simply disregard transactions connected with address poisoning attacks.
Aside from that, there are a few transaction hygiene techniques you may employ to reduce your chances of getting fooled. These are some examples:
Set up notifications: You may use several tools to set up alerts that will tell you when your address transacts or interacts with certain smart contracts. These can be used to confirm your regular transactions (while ignoring anything else) or to alert suspicious transactions involving your address.
Make a list of contacts: Address poisoning attacks work by misleading you into sending funds to a wallet that you believe is your own or to someone with whom you routinely deal. By adding wallets with which you routinely deal to your contact list, you may totally remove the danger of falling victim to this assault. A contact list or address book is currently available in almost every major cryptocurrency wallet.
Use a reliable source: Get the recipient’s address from a reliable source. This Using an official website, social media account, or other verified communication channels could be examples. Avoid clicking on links or utilizing addresses received from untrustworthy sources, and never rely on previous transactions to determine the recipient’s address without first double-checking.
Use a name service: Name service addresses, such as those supplied by the Ethereum Name Service (ENS) or BSC Name Service (BNS), can add an extra layer of security because they are impossible to copy and their short length makes them considerably more difficult to fake.
Some Web3 wallets allow you to filter transactions by contract address or whitelist only specified contract addresses for a more technical solution. The official contract address for your target tokens can then be found on the CoinMarketCap coin information page. Exodus and MyEtherWallet (MEW) are two popular solutions.
Many block explorers will automatically categorize these transactions as suspicious or likely phishing attempts, but this takes time. As a result, it is not a reliable method of determining if a transaction represents an address-poisoning assault especially if the transaction is recent.
About The Author
