16 May

Binance's security experts have devised a countermeasure against the increasing prevalence of address poisoning scams, which manipulate investors into inadvertently sending funds to a fraudulent address.

The security team at the world's largest cryptocurrency exchange has developed an algorithm capable of detecting millions of tainted crypto addresses, as detailed in a report:

"Our team has created a unique approach to identifying tainted addresses, enabling us to warn users before they transfer funds to criminals. This method proved crucial in uncovering and flagging over 13.4 million spoofed addresses on BNB Smart Chain and 1.68 million on Ethereum."


Address poisoning, also known as address spoofing, involves scammers sending a small amount of digital assets to a wallet closely resembling a potential victim's address. This tactic aims to incorporate the fraudulent address into the wallet's transaction history, with the hope that the victim will mistakenly copy and transfer funds to the fraudulent address.

Binance's algorithm detects spoofed addresses by initially identifying suspicious transfers, such as those involving near-zero value or unknown tokens. It then pairs these transfers with potential victim addresses and timestamps malicious transactions to pinpoint the likely source of poisoning.

Spoofed addresses are logged in the database of Web3 security firm HashDit, Binance's security partner. This collaboration aims to safeguard the broader crypto industry from poisoning scams, as outlined in Binance's report:

"Many cryptocurrency service providers utilize HashDit's API to enhance their defenses against various scams. Trust Wallet, for instance, utilizes the poisoned address database to alert users when they are on the verge of transferring funds to a spoofed recipient."

The algorithm will also assist in identifying spoofed addresses across HashDit's user-facing products, web browser extensions, and MetaMask Snaps.


After the $68 million scam, address poisoning is becoming a bigger worry

Two weeks ago, an unidentified trader lost $68 million to an address-poisoning fraud, highlighting the need for a preventive algorithm. On May 3, they mistakenly transferred $68 million in Wrapped Bitcoin (wBTC) to a fraudulent address in a single transaction.

In an ironic but fortunate turn of events, the thief returned the $68 million on May 13, after on-chain investigators began to shed light on the thief's possible Hong Kong-based IP addresses. This implies that the con artist wasn't a white hat hacker but rather a crook who was afraid of the publicity after pulling off the fraud.

Address poisoning scams may appear straightforward to avoid, but many traders typically verify only the first and last digits of a wallet address's 42 alphanumeric characters, as most protocols display only these digits.

Compounding the issue, scammers utilize vanity address generators to tailor their addresses, making them appear less random or more akin to a specific address, as highlighted by Binance.

For instance, an authentic Ethereum address like 0x19x30f…62657 could be mimicked using a similar-looking address such as 0x19x30t…72657, which could differ significantly in the middle while maintaining similarity in the first and last few characters.
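The detection steps described earlier (flag near-zero or unknown-token transfers, pair them with a likely victim, record the timestamp) combined with the first-and-last-characters weakness above can be sketched as follows. This is an added illustration, not Binance's or HashDit's code. The dust threshold, token allow-list, four-character comparison window and all addresses are assumptions constructed for the example.

```python
from dataclasses import dataclass

DUST_UNITS = 1_000                      # assumed "near-zero" cutoff, smallest token units
KNOWN_TOKENS = {"ETH", "USDT", "WBTC"}  # assumed allow-list of recognised tokens
EDGE = 4                                # hex characters a wallet UI shows at each end (assumed)

@dataclass(frozen=True)
class Transfer:
    ts: int          # block timestamp
    sender: str
    recipient: str
    token: str
    amount: int

def is_suspicious(t):
    """Step 1: near-zero value or unknown token."""
    return t.amount <= DUST_UNITS or t.token not in KNOWN_TOKENS

def looks_alike(a, b):
    """Different addresses whose first and last EDGE hex characters match."""
    a, b = a.lower(), b.lower()
    return a != b and a[2:2 + EDGE] == b[2:2 + EDGE] and a[-EDGE:] == b[-EDGE:]

def find_poisoning(transfers):
    """Steps 2-3: pair each suspicious sender with the address it imitates, in time order.
    Returns (spoofed, victim, imitated, ts) tuples."""
    contacts = {}   # wallet -> addresses it has already sent real value to
    hits = []
    for t in sorted(transfers, key=lambda t: t.ts):
        sender, recipient = t.sender.lower(), t.recipient.lower()
        if is_suspicious(t):
            for real in sorted(contacts.get(recipient, ())):
                if looks_alike(sender, real):
                    hits.append((sender, recipient, real, t.ts))
        else:
            contacts.setdefault(sender, set()).add(recipient)
    return hits

# Constructed sample data; none of these addresses come from the report.
VICTIM = "0x" + "a1" * 20
EXCHANGE = "0x19c3" + "0" * 32 + "2657"
SPOOF = "0x19c3" + "f" * 32 + "2657"
OTHER = "0x" + "b2" * 20
SAMPLE = [
    Transfer(100, VICTIM, EXCHANGE, "WBTC", 5 * 10**8),   # genuine payment
    Transfer(200, SPOOF, VICTIM, "USDT", 0),              # zero-value look-alike
    Transfer(250, OTHER, VICTIM, "FAKEUSD", 10**6),       # unknown token, no look-alike
]
```

Only the second transfer is reported: its sender matches the first and last four characters of an address the recipient has already paid, while the unknown-token transfer is suspicious but imitates nothing in the recipient's history.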

May 2024, Cryptoniteuae
