6 comments

[ 3.2 ms ] story [ 24.2 ms ] thread
How this scam works:

- User sends crypto to some address, say 0x1234...abcd

- An attacker identifies a pattern of the user sending crypto to that address

- Attacker brute-forces a similar looking wallet address, say 0x1235...bbcd - this is the phishing address that the attacker controls

- Attacker sends a fake transaction of crypto from the user's address to the phishing address

- User, wanting to send another txn, sees that wallet in their recent history and uses the phishing address

This is a common scam in crypto and it has been relatively unsuccessful up until now. Someone sending $20M worth of USDT had extremely bad security practices. Typically you would avoid this by having a known, whitelisted addresses you send to and a complex process to add new addresses to the whitelist to ensure you don't fat-finger an address.

Thanks for the details.

"Attacker sends a fake transaction of crypto from the user's address to the phishing address"

Can you explain what you mean by this, how this works?

The attacker basically calls Transfer(From your address, to phishing address, quantity 0) They can't actually transfer any crypto because your approval for that token is zero. But they can technically transfer zero tokens from your address to another one. Then some wallet interfaces pick this up and display it as a transfer.
This is genuinely hilarious.

Another nail in the coffin for cryptocurrency.

Thank you, scammers and scammees!