More

    Safe Wallet Users Hit by ‘Address Poisoning’ Scam: $2M Lost

    A security breach has rattled users of the supposedly secure Safe Wallet, leaving 21 victims reeling from an ‘address poisoning’ scam, resulting in a staggering $2 million loss within a week.

    The tranquility of Safe Wallet, once a beacon of security, has been disrupted as a crypto hacker employing ‘address poisoning attacks’ has orchestrated a series of devastating thefts. Over a span of seven days, from November 26 to December 3, the attacker successfully siphoned $2 million from 10 users. Shockingly, this marks the twenty-first victimization, with the same attacker reportedly absconding with a total of $5 million from Safe Wallet users in the last four months. Notably, an individual holding $10 million in crypto assets saw a loss of $400,000 in the latest breach.

    Suspicions suggest that the recent address poisoning attack might be linked to the same entity that targeted Florence Finance, a real-world asset lending protocol. Initially flagged by blockchain security firm PeckShield, the attack drained $1.45 million in USDC from the protocol, redirecting the transaction to a deceitful phishing address instead of the intended destination.

    The deceptive nature of this scam lies in the crafting of nearly identical addresses, misleading users into inadvertently sending funds to fraudulent addresses while overlooking subtle discrepancies.

    Understanding the mechanics behind ‘address poisoning’ reveals its exploitation of user oversight and expediency, distinct from conventional phishing or token approval scams. MataMask highlights the vulnerability arising from address shortening practices, where incomplete addresses are displayed, increasing the probability of a match between attacker-created and user-generated addresses.

    Address poisoning capitalizes on users’ habits of copying addresses from transaction logs, leading to inadvertent fund transfers to malicious addresses resembling the intended destination, posing a significant threat to users’ assets.

    Stay in the Loop

    Get the daily email from Crypto Navigator that makes reading the news actually enjoyable. Join our mailing list to stay in the loop to stay informed, for free.

    Latest stories

    - Advertisement - spot_img

    You might also like...