Home CryptocurrencyAltcoin Binance develops 'antidote' to tackle poisoning scams after $68 million exploit

Binance develops 'antidote' to tackle poisoning scams after $68 million exploit

by SuperiorInvest

Binance security experts have developed an “antidote” to the growing cases of address poisoning scams, which trick investors into voluntarily sending funds to a fraudulent address.

The security team at the world's largest cryptocurrency exchange developed an algorithm that detected millions of poisoned crypto addresses, according to a report shared with Cointelegraph:

“We have developed a unique method for identifying poisoned addresses, which helps us alert users before they send money to criminals and was instrumental in identifying and flagging over 13.4 million spoofed addresses on BNB Smart Chain and 1.68 million in Ethereum.”

Address poisoning, or address spoofing, is a deception trick in which scammers send a small amount of digital assets to a wallet that closely resembles the potential victim's address, so that it becomes part of the transaction history. from the wallet, hoping that the victim will accidentally copy and send funds to their address.

Binance's algorithm detects spoofed addresses by first identifying suspicious transfers, such as those with close to zero value or unknown tokens, matching them with addresses of potential victims, and timestamping malicious transactions to find the potential poisoning point.

The spoofed addresses are registered in the database of security firm Web3 HashDit, Binance's security partner, which will help protect the broader crypto industry from poisoning scams, according to the Binance report.

“Many cryptocurrency service providers use the HashDit API to bolster their defenses against a variety of scams. One of them, for example, is Trust Wallet, which uses the poisoned address database to alert users when they are about to transfer funds to a spoofed recipient.”

The algorithm will also help detect spoofed addresses in HashDit's user-facing products, web browser extensions, and MetaMask Snaps.

Related: Post-FTX Crypto Industry Needs Education Before Regulation: Former Biden Advisor

Address poisoning a growing concern after $68 million scam

The need for a preventive algorithm became evident two weeks ago, after an unknown trader lost $68 million in an address poisoning scam. They accidentally sent $68 million in wrapped Bitcoin (wBTC) in a single transaction to a spoofed address on May 3.

In a fortunate but mysterious turn of events, the thief returned the $68 million on May 13, after numerous chain investigators began shedding light on his possible Hong Kong-based IP addresses. This suggests that the scammer was not a white hat hacker, but rather a thief who became scared of public attention after the scam.

Address poisoning scams may seem easily avoidable, but most traders only check the first and last digit of the wallet's 42 alphanumeric characters, as most protocols only display the first and last digit.

To make matters even more complicated, scammers rely on custom address generators to customize their addresses to make them appear less random or more similar to a given address, according to Binance.

“A genuine Ethereum address like 0x19x30f…62657 could be spoofed using a similar looking 0x19x30t…72657, which may be totally different in the middle while keeping the first and last characters.”

Scammers, BEWARE! Beware of the cryptovigilante! | Crypto Stories Ep. 4. Source: Cointelegraph

Related: Ether becomes inflationary for the first time since the merger

Source Link

Related Posts