Release: 2024/05/18 20:24 Reading: 389
Binance's Security Experts Develop "Antidote" to Address Poisoning Scams
Binance's security experts have developed an "antidote" to combat the rising threat of address poisoning scams, which deceive investors into sending funds to fraudulent addresses.
The security team at the world's largest cryptocurrency exchange has created an algorithm that has identified millions of compromised crypto addresses, as reported to Cointelegraph:
"We have developed a unique method of identifying poisoned addresses, which helps us to alert users before they send money to criminals and was instrumental in identifying and flagging more than 13.4 million spoofed addresses on BNB Smart Chain and 1.68 million on Ethereum."
Understanding Address Poisoning
Address poisoning, also known as address spoofing, involves scammers sending a small amount of digital assets to a wallet that closely resembles the victim's address. This transaction becomes part of the wallet's history, leading the victim to accidentally copy and send funds to the scammer's address.
Binance's Algorithm
Binance's algorithm detects these spoofed addresses by identifying suspicious transfers—typically those with near-zero value or unknown tokens—linking them to potential victim addresses, and timestamping malicious transactions to pinpoint the time of poisoning.
These compromised addresses are logged in the database of Web3 security firm HashDit, Binance's security partner, enhancing the protection of the broader crypto industry from such scams. According to Binance's report:
"Many cryptocurrency service providers use HashDit's API to boost their defenses against a variety of scams.
READ MORE: Unknown Trader Nets $46 Million from Pepe Memecoin Amidst Resurgent GameStop Hype
"One of them, for example, is Trust Wallet, which uses the database of poisoned addresses to alert users when they are about to transfer funds to a spoofed recipient."
The algorithm also flags spoofed addresses on HashDit's user-facing products, web browser extensions, and MetaMask Snaps.
The Need for Prevention
The necessity for this preventive algorithm became evident two weeks ago after an unknown trader lost $68 million to an address-poisoning scam. On May 3, they accidentally sent $68 million worth of Wrapped Bitcoin (wBTC) to a spoofed address.
Remarkably, the thief returned the $68 million on May 13, after on-chain investigators traced his potential Hong Kong-based IP addresses. This incident suggests that the scammer panicked due to the public attention following the scam.
Avoiding Address Poisoning
Address poisoning scams might seem avoidable, but most traders only verify the first and last digits of the wallet's 42 alphanumeric characters. Scammers exploit this by using vanity address generators to create addresses that look similar. As Binance explains:
"An authentic Ethereum address like 0x19x30f…62657 could be spoofed using a similar-looking 0x19x30t…72657, which can be totally different in the middle while maintaining the first and last few characters."
To submit a crypto press release (PR), send an email to sales@cryptointelligence.co.uk.
We are building the most influential,trusted information platform for aglobal community engaged in thd transformation of the financial system andthe emerging crypto economy.PEPE is an integrated platform for media,events,data & indices for the next generation fo investing and the future of money.
Get in touch with the PEPE team at admin@pepecoinbuy.com