bitcoin
Bitcoin (BTC) $ 52,206.99
ethereum
Ethereum (ETH) $ 2,990.72
tether
Tether (USDT) $ 1.00
bnb
BNB (BNB) $ 354.29
solana
Solana (SOL) $ 108.18
xrp
XRP (XRP) $ 0.563418
staked-ether
Lido Staked Ether (STETH) $ 2,985.81
usd-coin
USDC (USDC) $ 1.00
cardano
Cardano (ADA) $ 0.625723
avalanche-2
Avalanche (AVAX) $ 38.43
tron
TRON (TRX) $ 0.140043
dogecoin
Dogecoin (DOGE) $ 0.085711
chainlink
Chainlink (LINK) $ 19.37
polkadot
Polkadot (DOT) $ 7.77
matic-network
Polygon (MATIC) $ 1.03
wrapped-bitcoin
Wrapped Bitcoin (WBTC) $ 52,151.97
the-open-network
Toncoin (TON) $ 2.21
internet-computer
Internet Computer (ICP) $ 13.66
shiba-inu
Shiba Inu (SHIB) $ 0.000010
uniswap
Uniswap (UNI) $ 7.56
bitcoin-cash
Bitcoin Cash (BCH) $ 264.51
litecoin
Litecoin (LTC) $ 69.61
dai
Dai (DAI) $ 1.00
immutable-x
Immutable (IMX) $ 3.50
kaspa
Kaspa (KAS) $ 0.181239
leo-token
LEO Token (LEO) $ 4.30
cosmos
Cosmos Hub (ATOM) $ 10.35
blockstack
Stacks (STX) $ 2.70
bittensor
Bittensor (TAO) $ 619.67
optimism
Optimism (OP) $ 4.04
filecoin
Filecoin (FIL) $ 7.52
ethereum-classic
Ethereum Classic (ETC) $ 26.88
hedera-hashgraph
Hedera (HBAR) $ 0.108413
near
NEAR Protocol (NEAR) $ 3.40
aptos
Aptos (APT) $ 9.61
stellar
Stellar (XLM) $ 0.117781
injective-protocol
Injective (INJ) $ 36.68
vechain
VeChain (VET) $ 0.044782
okb
OKB (OKB) $ 50.95
celestia
Celestia (TIA) $ 17.91
lido-dao
Lido DAO (LDO) $ 3.21
first-digital-usd
First Digital USD (FDUSD) $ 0.998832
arbitrum
Arbitrum (ARB) $ 1.98
mantle
Mantle (MNT) $ 0.762801
crypto-com-chain
Cronos (CRO) $ 0.091031
render-token
Render (RNDR) $ 6.39
sei-network
Sei (SEI) $ 0.924126
the-graph
The Graph (GRT) $ 0.248766
monero
Monero (XMR) $ 122.12
sui
Sui (SUI) $ 1.73

Safe Wallet scammer steals $2M through ‘address poisoning’ in one week

0

A crypto hacker specializing in “address poisoning attacks” has managed to steal over $2 million from Safe Wallet users alone in the past week, with its total victim count now reaching 21. 

On Dec. 3, Web3 scam detection platform Scam Sniffer reported that around ten Safe Wallets lost $2.05 million to address poisoning attacks since Nov. 26.

According to Dune Analytics data compiled by Scam Sniffer, the same attacker has reportedly stolen at least $5 million from around 21 victims in the past four months.

Scam Sniffer, reported that one of the victims even held $10 million in crypto in a Safe Wallet, but “luckily” only lost $400,000 of it. 

Address poisoning is when an attacker creates a similar-looking address to the one a targeted victim regularly sends funds to — usually using the same beginning and ending characters.

The hacker often sends a small amount of crypto from the newly-created wallet to the target to “poison” their transaction history. An unwitting victim could then mistakingly copy the look-alike address from transaction history and send funds to the hacker’s wallet instead of the intended destination.

Cointelegraph has reached out to Safe Wallet for comment on the matter.

A recent high-profile address poisoning attack seemingly carried out by the same attacker occurred on Nov. 30 when real-world asset lending protocol Florence Finance lost $1.45 million in USDC.

At the time, blockchain security firm PeckShield, which reported the incident, showed how the attacker may have been able to trick the protocol, with both the poison and real address beginning with “0xB087” and ending with “5870.”

In November, Scam Sniffer reported that hackers have been abusing Ethereum’s ‘Create2’ Solidity function to bypass wallet security alerts. This has led to Wallet Drainers stealing around $60 million from almost 100,000 victims over six months, it noted. Address poisoning has been one of the methods they used to accumulate their ill-gotten gains.

Related: What are address poisoning attacks in crypto and how to avoid them?

Create2 pre-calculates contract addresses, enabling malicious actors to generate new similar wallet addresses which are then deployed after the victim authorizes a bogus signature or transfer request.

According to the security team at SlowMist, a group has been using Create2 since August to “continuously steal nearly $3 million in assets from 11 victims, with one victim losing up to $1.6 million.”

Magazine: Should crypto projects ever negotiate with hackers? Probably



Source link

Leave A Reply

Your email address will not be published.

Shares