MetaMask has reported an increase in address poisoning attacks. Let’s take stock of this fraud, which is all about carelessness, as well as the means to protect yourself from it.
What is address poisoning?
MetaMask wallet support has alerted the community to the phenomenon of “the poisoning addressor skill poisoning in French, which tends to spread. The concept of him is simple: take advantage of an investor’s carelessness to steal his cryptocurrencies.
A new scam called “Address Poisoning” is on the rise. Here’s how it works: After sending a normal transaction, the fraudster sends a $0 txn token, “poisoning” the txn history. (1/3)
— MetaMask Support (@MetaMaskSupport) January 11, 2023
To carry out his attack, a mischievous person fetches addresses that often exchange funds. This could be a sign that only one person has address A and address B and that they migrate cryptocurrencies between the two on a regular basis.
The attacker then creates an address similar to the A or B address thanks to a “vanity” address generator.. This type of software allows you to generate a private key, for a public address containing some specific characters.
For example, let’s choose a completely arbitrary address on Etherscan: 0x8e7Ec153f5362f71083eF0Fd5784dc082c07404D. Imagine that a hacker wants to target this address, which we’ll call “address A,” he might then try to create an address containing the same last four characters, on a service like “Vanity-ETH”. Indeed, it is generally easier to remember the end or the beginning of an address than its complete alphanumeric sequence:
Private key generated with personalized address thanks to Vanity-ETH
With this new address, the hacker will send a small amount of cryptocurrency to the destination addressi.e. “address B”, so that the fraudulent address appears in the history of its future victim, who resembles address A.
During his next trades from address B, it will be enough for the target mechanically copies the fraudulent address into its transaction historythinking they copied address A, in order to send their funds to the attacker.
👉 To go further – Find our guide on best practices to limit the risk of hacks
The best way to protect your cryptocurrencies 🔒
🔥 The world leader in cryptocurrency security
👉 Listen to this article and all other cryptocurrency news on Spotify
How to protect yourself from such attacks?
To date, there is, a priori, incoming transactions cannot be blocked on a public blockchain like Ethereum (ETH). This means that everyone can see their polluted addressesdeal with poisoning. In the face of this observation, vigilance remains the best defense.
Most wallets such as Frame or MetaMask in particular, or Keplr to give an example with the Cosmos (ATOM) ecosystem, allow you to copy an address directly from the application. This feature saves you having to look up an address in your transaction history and risk being trapped.
If you need to search through this history to find an address then you will need to do so 100% make sure it’s the right one.
The use of custom addresses was also used in the DNS Convex (CVX) attack in June 2022, where smart contracts were replaced on the website by the hacker, in favor of their own vanity addresses.
An attempt at fraud, seemingly simple asdeal with poisoningtherefore remember that very often, the main flaw in a system remains the human factor.
👉 Also in the news – Godfather: the virus that would target 400 banking and cryptocurrency applications
Progress in the world of cryptocurrencies with Cryptoast experts 📘
Receive a roundup of cryptocurrency news every Monday by email 👌
What you need to know about affiliate links. This page features investment related goods, products or services. Some links in this article are affiliated. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to offer you original and useful content. There is no impact on you and you can even get a bonus using our links.
Investing in cryptocurrencies is risky. Cryptoast is not responsible for the quality of the products or services presented on this page and cannot be held responsible, directly or indirectly, for any damage or loss caused as a result of using a good or service highlighted in this article. Investments related to crypto-assets are risky by nature, readers should do their own research before taking any action and only invest within the limits of their financial capabilities. This article does not constitute investment advice.
MFA recommendations. A high return is not guaranteed, a product with a high return potential carries a high risk. This risk-taking must be in line with your project, your investment horizon and your ability to lose some of these savings. Do not invest if you are not ready to lose all or part of your capital.
Read more on our Financials, Media Transparency and Legal Notices pages.