Cointime

Cointime

Download App
iOS & Android

MetaMask Warns of ‘Address Poisoning’ Wallet Scam

MetaMask notified the crypto community of a new type of scam called “address poisoning” in a recent post.

The scam was rated as “rather innocuous compared to other scam types.” However, the company warned that address poisoning still has the potential to dupe unsuspecting users into losing funds.

“Address poisoning is an attack vector that, in contrast to other scams — which often use methods that have served many scammers so well, such as unlimited token approvals, phishing for your Secret Recovery Phrase, etc. — relies on user carelessness and haste above all else.”

How “address poisoning” works

Address poisoning centers on wallet addresses being long hexadecimal numbers that are difficult to remember and easy to mistake for other, similar addresses.

Crypto addresses are often shortened to show the first few characters, a blank, and then the last few. Scammers exploit the tendency to trust the familiarity of the first and last few characters.

When transacting, the usual routine consists of copying and pasting an address. Many wallet providers, including MetaMask, feature a one-click function to copy an address.

Address poisoning exploits users’ inattention at this point in the transaction process. Specifically, scammers observe and track transactions of particular tokens, with stablecoins commonly targeted. Then, using a “vanity” address generator, the scammer will create an address that closely matches the target address, especially the first and last few characters.

The scammer sends a transaction of nominal value from the newly generated address to the target address; at this point, the latter becomes poisoned.

In the future, when wishing to send a transaction, the user may mistakenly copy the wrong address based on the familiarity of the first and last few characters. Once executed, the funds end up with the scammer.

“And since on-chain transactions like this are immutable (cannot be altered once confirmed), the lost funds will be irretrievable.”

MetaMask explains how to stay safe

Unfortunately, the nature of public blockchains means anyone, including scammers, can send transactions to any address if they choose.

MetaMask reiterated the importance of checking every address character when sending funds, not just the first and last few.

“Develop a habit of thoroughly checking every single character of an address before you send a transaction. This is the only way to be completely sure you’re sending to the right place.”

Other strategies to avoid falling victim to address poisoning include not using transaction history to copy addresses, whitelisting frequently used addresses to avoid copying and pasting altogether, and using test transactions, especially when transferring large sums.

Comments

All Comments

Recommended for you

  • SlowMist: Beware of watering hole attacks launched by malicious attackers using WordPress plugin vulnerabilities

    SlowMist Security has issued a warning that attackers have recently been exploiting vulnerabilities in WordPress plugins to inject malicious JS code into normal websites and launch watering hole attacks. These attacks involve popping up malicious windows when users visit the site, deceiving them into executing malicious code or performing Web3 wallet signatures, thereby stealing their assets. It is recommended that sites using WordPress plugins check for vulnerabilities, update plugins in a timely manner, and avoid being attacked. When visiting any website, users should carefully identify the downloaded programs and Web3 signature content to avoid downloading malicious programs or having their assets stolen due to malicious signatures.

  • Unverified Ember Sword NFT auction contract vulnerability has caused nearly $200,000 in losses

    Certik has discovered a vulnerability in the unverified Ember Sword NFT auction contract, which has earned 60 WETH (approximately $195,000) from 159 victims who approved the contract. Certik reminds users to revoke their approval of the relevant contract on Polygon.

  • zkSync ecological lending platform xBank Finance suspected of RUG

    xBank Finance, a zkSync ecosystem lending platform, was suspected of being a RUG, and the protocol's TVL was close to zero. The project's official Twitter account has been frozen.

  • Scammers use fake USDT balances to defraud cryptocurrency users

    SlowMist has partnered with Imtoken to uncover a new cryptocurrency scam that uses offline transactions and USDT. Scammers manipulate the Ethereum RPC to falsify the USDT balance in the victim's wallet. The scammer lures the victim to change their Ethereum RPC URL to a URL controlled by them, making it appear that the victim has deposited USDT funds, but in reality, the victim is left empty-handed when attempting to trade. In addition, the scam also deceives users through small transfers to gain trust, then manipulates account balances and contract information, posing serious risks to unsuspecting users and is related to a wider range of pig slaughter scam activities.

  • Cointime April 27th News Express

    1. ETH falls below $3,100

  • HKEX: Accepts BOS HashKey, Huaxia, Harvest Bitcoin and Ethereum ETFs as eligible securities for multiple counters in the central clearing system

    On April 27th, the Hong Kong Stock Exchange issued three notices, announcing the inclusion of Bo Shi HashKey Bitcoin ETF shares and Bo Shi HashKey Ethereum ETF shares, Huaxia Bitcoin ETF shares and Huaxia Ethereum ETF shares, and Jia Shi Bitcoin Spot ETF shares and Jia Shi Ethereum Spot ETF shares as Central Clearing System multi-counterparty eligible securities. It is reported that:

  • Russia’s Central Bank and Rosfinmonitoring unveil pilot of fiat-to-crypto tracking system

    According to reports, since 2023, Russia has been trying to track cryptocurrency transactions and their sources. The Russian Central Bank and the Federal Financial Monitoring Service (Rosfinmonitoring) revealed that there is currently a system that allows private banks to track the connection between fiat-based transactions and cryptocurrency business.

  • PolkaWorld: Coretime trading on Kusama has started

    On April 27th, PolkaWorld announced that Coretime trading on Kusama has begun, marking the end of the era of parallel chains. With the approval and implementation of Kusama proposal 373, the proposal will upgrade the Kusama relay chain runtime to v1.2.0 and bring Coretime functionality. Shortly thereafter, the Kusama community approved Kusmaa proposal 375 last Friday, allowing Coretime chain to begin selling Coretime. Currently, Kusama is in the Renew Period and is selling batches of Coretime.

  • Over $155 million worth of MEME will be unlocked on May 3, accounting for 31.96% of the circulating supply

    According to Token Unlocks data, 5.31 billion MEME tokens, worth over $155 million, will be unlocked on May 3, 2024, accounting for 31.96% of the circulating supply. These tokens will be unlocked and distributed to airdrops, advisors, and investors.

  • The total open interest of BTC options is $17.83 billion, and the open interest of ETH options is $8.07 billion.

    Coinglass data shows that the nominal value of unclosed BTC option positions on the entire network is 17.83 billion US dollars, which is the lowest point since February 26; the nominal value of unclosed ETH option positions is 8.07 billion US dollars, which is the lowest point since February 25.

Daily Must-Read

Popular Activities

Delysium $AGI & AI Private Yacht Party

Delysium $AGI & AI Private Yacht Party

March 27 - March 27
Seoul

Popular Tags

Cointime
News
Contents
RSS
Company