Cybercriminals are fooling users in address poisoning scams to siphon off cryptocurrency, warned cryptocurrency wallet provider MetaMask. This attack fools users into sending funds to the scammer instead of the intended recipient.

How the trick works

The method exploits the fact that people often rely on their recent transactions to find the recipient address when making a new transaction. Attackers take advantage of this by adding fake transactions to the potential victim’s transaction history.
  • For example, when a MetaMask user sends/receives cryptocurrency, it is displayed in the wallet’s transaction list. 
  • Clicking on more details displays the token, sent or received amount, and a short form of the third party's address.
  • While both sender and receiver wallet addresses seem identical in short form (i.e. some part of the address is masked), they could be different and may confuse MetaMask users into making their next transaction to the attacker’s address instead.

Diving into details

To initiate the attack, the scammers monitor the blockchain for recent transactions and find transactions suitable for them to target.
  • They use a vanity address creator to generate an address that is similar or almost identical to one involved in the recent transaction list.
  • The attacker then transfers a small amount of cryptocurrency, or makes a $0 token transaction, to the sender's look-alike address, which is actually controlled by the attacker. This step ensures that the transaction is displayed in the wallet's history.
  • Since MetaMask shortens the addresses in the history of transactions, the displayed address looks similar to a user's earlier transaction and seems to be from a valid person known to the victim.
  • As the last step, the attacker hopes that when a user sends cryptocurrency to the forged address from the recent transaction list, the crypto will reach them.

Conclusion

MetaMask suggests users should use the built-in Address Book feature to save known and valid cryptocurrency addresses for people or services they generally transact with. Further, crypto wallet providers can also add a feature to display full Send To and From addresses in the history of transactions to mitigate the risk.
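
The check below is an added example, not MetaMask code: it compares the full addresses in a transaction history against saved Address Book entries and flags any that differ in full but look the same once shortened. The short-form layout (first 6 and last 4 characters), the function names and the sample data are assumptions constructed for illustration.

```javascript
// Assumption: the wallet's short form keeps the first PREFIX_LEN and last
// SUFFIX_LEN characters of an address and masks everything in between.
const PREFIX_LEN = 6; // "0x" plus four hex digits (assumed)
const SUFFIX_LEN = 4; // assumed

function isValidAddress(address) {
  return /^0x[0-9a-fA-F]{40}$/.test(address);
}

function shortForm(address) {
  const a = address.toLowerCase();
  return `${a.slice(0, PREFIX_LEN)}...${a.slice(-SUFFIX_LEN)}`;
}

// Returns history entries whose counterparty is NOT a saved address but is
// indistinguishable from one when only the short form is displayed.
function findLookAlikes(addressBook, history) {
  const known = new Set();
  const byShort = new Map();
  for (const { name, address } of addressBook) {
    if (!isValidAddress(address)) throw new Error(`bad address book entry: ${name}`);
    known.add(address.toLowerCase());
    byShort.set(shortForm(address), name);
  }
  const flagged = [];
  for (const tx of history) {
    if (!isValidAddress(tx.counterparty)) continue; // skip malformed entries
    const full = tx.counterparty.toLowerCase();
    if (known.has(full)) continue; // full-length match: genuinely saved
    const imitates = byShort.get(shortForm(full));
    if (imitates !== undefined) {
      flagged.push({ txId: tx.id, counterparty: tx.counterparty, imitates,
                     zeroValue: tx.amount === 0 });
    }
  }
  return flagged;
}

// Constructed sample data (not real addresses or transactions).
const ADDRESS_BOOK = [
  { name: "exchange-deposit", address: "0x1a2b" + "c".repeat(32) + "9f3e" },
];
const HISTORY = [
  { id: "tx1", counterparty: "0x1a2b" + "c".repeat(32) + "9f3e", amount: 1.5 },
  { id: "tx2", counterparty: "0x1a2b" + "d".repeat(32) + "9f3e", amount: 0 },
  { id: "tx3", counterparty: "0x7777" + "e".repeat(32) + "1234", amount: 0.2 },
];
console.log(findLookAlikes(ADDRESS_BOOK, HISTORY));
```

Only the full-length comparison separates tx1 from tx2 here, which is why displaying complete addresses in the history addresses the same gap.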
Cyware Publisher