BTC

$64524.333

0.83%

ETH

$3149.969

0.56%

BNB

$603.767

-1.32%

XRP

$0.524

0.20%

Scam Alert

Zero-value Token Transfer Phishing Attacks Causing Massive Loss Prevented

April 10, 2023 - Around 3 mins mins to read

Key Points:

  • According to Etherscan, the upgrade was meant to dissuade zero-value token transfer phishing schemes, which have phished and spammed unwary users.
  • The purpose of the scam is to trick the victim into accidentally sending cryptocurrency to the fraud address.
  • Profits from the new assault strategies have already topped $8 million.
Scammers are getting more sophisticated and more sophisticated to steal users’ assets, one of the common tricks is the zero-value transfer phishing attack.
Zero-value Token Transfer Phishing Attacks Causing Massive Loss Prevented

The blockchain explorer Etherscan has stopped the display of zero-value token transactions on its website by default.

The zero-value transfer phishing campaign, which has been running for over six months, has just received a technical update. According to on-chain monitoring, it has now developed into small-value transfer phishing and counterfeit token transfer phishing.

Zero-value Token Transfer Phishing Attacks Causing Massive Loss Prevented

Address poisoning is a sort of cryptocurrency fraud in which an attacker sends a token with little or no value to a user’s address in order to “poison” it. After that, the transaction is saved in the soft or hard wallet’s history and may be chosen for making transfers.

The scam’s goal is to fool the victim into transferrin crypto to the scam address by accident. To do this, hackers use sophisticated software to generate scam addresses that resemble “poisoned” addresses, with the same few starting or ending characters.

The following are the features of this sort of attack:

  • The attack is subtle and widespread: attackers just need to concentrate on producing addresses that seem similar to the originals. Furthermore, since standard token logic does not validate zero-value transfers, such transfers may be initiated by anybody, implying that any transaction can be added onto anyone’s transaction list.
  • The investment is small, but the return is high: The gas cost of Zero Value Phishing on the ETH chain alone is around 2,000 ETH (almost $4 million), and the total cash acquired via this fraud totals $21 million.

Users must now explicitly activate the display from the website’s settings page. Etherscan claims the change was meant to prevent “address poisoning” assaults that phished and spammed innocent users.

According to X-explore, the new attack tactics have already earned up to $8 million in profits, which, when coupled with our prior research on zero-value transfer phishing (Address Poisoning Attack, A Continuing Danger), brings the total loss on the chain to $32 million.

Neither the undesirable coins nor the addresses that receive such tokens may jeopardize the cash of users. Unwanted nonfungible tokens, or NFTs, on the other hand, have the ability to compromise an address via transactions like shifting it to multiple accounts.

The user experience on the Etherscan browser has been drastically reduced as a result of these malicious operations. It takes several seconds to determine if a transaction is legitimate or fraudulent, and there is a lot of phony data on the blockchain, making it difficult to tell the difference.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Harold

Coincu News

ETH

Etherscan

Phishing Attacks

Scam

Zero-value Token

Avatar of Harold

Author

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.
Scam Alert

Zero-value Token Transfer Phishing Attacks Causing Massive Loss Prevented

Key Points:

  • According to Etherscan, the upgrade was meant to dissuade zero-value token transfer phishing schemes, which have phished and spammed unwary users.
  • The purpose of the scam is to trick the victim into accidentally sending cryptocurrency to the fraud address.
  • Profits from the new assault strategies have already topped $8 million.
Scammers are getting more sophisticated and more sophisticated to steal users’ assets, one of the common tricks is the zero-value transfer phishing attack.
Zero-value Token Transfer Phishing Attacks Causing Massive Loss Prevented

The blockchain explorer Etherscan has stopped the display of zero-value token transactions on its website by default.

The zero-value transfer phishing campaign, which has been running for over six months, has just received a technical update. According to on-chain monitoring, it has now developed into small-value transfer phishing and counterfeit token transfer phishing.

Zero-value Token Transfer Phishing Attacks Causing Massive Loss Prevented

Address poisoning is a sort of cryptocurrency fraud in which an attacker sends a token with little or no value to a user’s address in order to “poison” it. After that, the transaction is saved in the soft or hard wallet’s history and may be chosen for making transfers.

The scam’s goal is to fool the victim into transferrin crypto to the scam address by accident. To do this, hackers use sophisticated software to generate scam addresses that resemble “poisoned” addresses, with the same few starting or ending characters.

The following are the features of this sort of attack:

  • The attack is subtle and widespread: attackers just need to concentrate on producing addresses that seem similar to the originals. Furthermore, since standard token logic does not validate zero-value transfers, such transfers may be initiated by anybody, implying that any transaction can be added onto anyone’s transaction list.
  • The investment is small, but the return is high: The gas cost of Zero Value Phishing on the ETH chain alone is around 2,000 ETH (almost $4 million), and the total cash acquired via this fraud totals $21 million.

Users must now explicitly activate the display from the website’s settings page. Etherscan claims the change was meant to prevent “address poisoning” assaults that phished and spammed innocent users.

According to X-explore, the new attack tactics have already earned up to $8 million in profits, which, when coupled with our prior research on zero-value transfer phishing (Address Poisoning Attack, A Continuing Danger), brings the total loss on the chain to $32 million.

Neither the undesirable coins nor the addresses that receive such tokens may jeopardize the cash of users. Unwanted nonfungible tokens, or NFTs, on the other hand, have the ability to compromise an address via transactions like shifting it to multiple accounts.

The user experience on the Etherscan browser has been drastically reduced as a result of these malicious operations. It takes several seconds to determine if a transaction is legitimate or fraudulent, and there is a lot of phony data on the blockchain, making it difficult to tell the difference.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Harold

Coincu News

Visited 78 times, 1 visit(s) today