Topic: Be careful when copy-pasting a Bitcoin address - page 2. (Read 372 times)
it must be a database because i don't think it would even be possible to find a similar looking address within reasonable time that has both matching starting characters and ending characters. the amount of work for something like that increases more than just finding the match for the beginning that it requires pre-generation.
Always a good reminder, but I don't think that the malware using similar addresses is exactly a new development...
This article from 2018, shows how the malware is detecting addresses and then sends to a remote server to get a replacement one... most likely so they can send back a similar looking key that has been pre-generated.
As someone on the Electrum twitter thread said, it would take less that a Terabyte of storage to hold all combinations of first+last 3 chars... That's peanuts in the world of storage today. With a vanity address I guess you're more likely to notice it if your 5 character "1bL4nk" address was suddenly "1bL3z"... even my "1HCPx" address would probably be ok... But I don't see it as a problem because I usually check a lot more than 3 chars... I usually check around 5 or 6 at beginning and end and look for a distinctive pattern in the middle as well.
Now, I wonder how attackers do this if its vanity address or a pre-generated address or real-time generating from a script that reads the first and ends characters but it will consume time and resources for this kind of attack.
This article from 2018, shows how the malware is detecting addresses and then sends to a remote server to get a replacement one... most likely so they can send back a similar looking key that has been pre-generated.
As someone on the Electrum twitter thread said, it would take less that a Terabyte of storage to hold all combinations of first+last 3 chars... That's peanuts in the world of storage today. With a vanity address I guess you're more likely to notice it if your 5 character "1bL4nk" address was suddenly "1bL3z"... even my "1HCPx" address would probably be ok... But I don't see it as a problem because I usually check a lot more than 3 chars... I usually check around 5 or 6 at beginning and end and look for a distinctive pattern in the middle as well.
This can be done with a botnet if necessary to produce addresses and send them out (vanity gen allows for running with a partial key too so others can't decrypt).
Or a pregenerated list of addresses that are probably not too big. Try to remember the first 5, copy paste, then check the last five before hitting submit.
Or a pregenerated list of addresses that are probably not too big. Try to remember the first 5, copy paste, then check the last five before hitting submit.
Be careful when copy-pasting a Bitcoin address. Current clipboard malware tries to replace them with similar-looking addresses, that start and end with the same characters.
https://twitter.com/ElectrumWallet/status/1250774410115665922
Now, I wonder how attackers do this if its vanity address or a pre-generated address or real-time generating from a script that reads the first and ends characters but it will consume time and resources for this kind of attack.
#StaySafe
https://twitter.com/ElectrumWallet/status/1250774410115665922
Now, I wonder how attackers do this if its vanity address or a pre-generated address or real-time generating from a script that reads the first and ends characters but it will consume time and resources for this kind of attack.
#StaySafe
Jump to: