Pages:
Author

Topic: Can scammers steal money using smart contracts? - page 2. (Read 354 times)

mk4
legendary
Activity: 2870
Merit: 3873
📟 t3rminal.xyz
It is worth mentioning that the protocol that is used to build the contract is important too. Some of them are very weak and have many security flaws that can potentially be exploited to steal money from unaware users. You have to be an expert to notice these things though.
DAO on Ethereum comes to mind when we talk about weak protocol and exploits.

This. @OP you better freakin what you're doing if you don't want to get burned. If you want to provide liquidity for the gainz, then you better know what you're using. If you think exchange hacks are bad, DeFi exploits are just as bad. (or probably even worse, because sometimes we don't know if the anonymous developers planted an exploit on purpose)

https://cryptosec.info/defi-hacks/
legendary
Activity: 3472
Merit: 10611
As for testing the contract, you're highly more likely to be safe if you're executing the contracts through command line, and with you fully knowing what a certain contract actually does. But if you're executing through a front-end UI like a website, then there's not much you can do as far as I know.
It is worth mentioning that the protocol that is used to build the contract is important too. Some of them are very weak and have many security flaws that can potentially be exploited to steal money from unaware users. You have to be an expert to notice these things though.
DAO on Ethereum comes to mind when we talk about weak protocol and exploits.
mk4
legendary
Activity: 2870
Merit: 3873
📟 t3rminal.xyz
For example, I accidentally open some scam site similar to Pancake and stake USDT/USDC there using a smart contract. Can scammers steal USDT, USDC and other tokens from my wallet? Can they use a contract which grants access to all my funds?
Yes, they can. If you execute a contract without knowing that it was a scam site, then they can steal your funds.

If they can, how can I prevent stealing? Are there exist effective methods to test smart contracts?
Always make sure you're in the correct website. And if you're extra paranoid, always check the project's social media accounts so you're updated if there's a recent exploit or whatever.

For example, I accidentally open some scam site similar to Pancake and stake USDT/USDC there using a smart contract. Can scammers steal USDT, USDC and other tokens from my wallet? Can they use a contract which grants access to all my funds? If they can, how can I prevent stealing? Are there exist effective methods to test smart contracts?
They can, and not even just a specific trading pair.

As for testing the contract, you're highly more likely to be safe if you're executing the contracts through command line, and with you fully knowing what a certain contract actually does. But if you're executing through a front-end UI like a website, then there's not much you can do as far as I know.

On the other hand, what if scammers find exploit in some trusted smart contract which certified by Certik or organization like that? In that case can they steal only staked pairs or all money? How can I protect my wallet from scammers?
A project being audited by Certik or any other auditing company doesn't make a project hack-proof.
newbie
Activity: 4
Merit: 2
For example, I accidentally open some scam site similar to Pancake and stake USDT/USDC there using a smart contract. Can scammers steal USDT, USDC and other tokens from my wallet? Can they use a contract which grants access to all my funds? If they can, how can I prevent stealing? Are there exist effective methods to test smart contracts?

On the other hand, what if scammers find exploit in some trusted smart contract which certified by Certik or organization like that? In that case can they steal only staked pairs or all money? How can I protect my wallet from scammers?

I use MetaMask as a hot wallet. This app is very popular and many scammers steal money from MetaMask. Sometimes they steal it without seed phrase, trojans, viruses etc. But users say that they sign some contracts and lose their funds.

Many thanks to all your answers, my crypto friends Smiley!
Pages:
Jump to: