This is completely different from the Clipboard Hijacker virus, in this case we are talking about there is no virus or hacking of the victim's machine, it is just that the attacker sends a zero transaction to the victim's address and hopes that the victim mistakenly copies the address from the transaction history and sends the tokens to attackers.
This is a primitive type of attack based on the idea that some people copy addresses from their transaction history when they want to send tokens.
They just wait for the user to send the tokens to their address by mistake or rush.
Topic: New Scam Alert - Address Poisoining - page 2. (Read 260 times)
A thorough explanation of Address Poisoning can be seen on What are Address Poisoning Scams?
Based on the explanation over the thread, the attack was initially known in November of 2022. Firstly, it initiated by the scammer with sending a small amount of tokens and then cames the zero token transaction scam.
Clipboard hijacking is rooted in the user's infiltrated device. But with this type of scam, the users did have any malware and the scammer does not have access to the user's device, it happened solely due to how the wallet operated--the user behaviour and the smart contract accepting 0 tx.
Based on the explanation over the thread, the attack was initially known in November of 2022. Firstly, it initiated by the scammer with sending a small amount of tokens and then cames the zero token transaction scam.
And this could be related to this, What is Clipboard Hijacker?.
Clipboard hijacking is rooted in the user's infiltrated device. But with this type of scam, the users did have any malware and the scammer does not have access to the user's device, it happened solely due to how the wallet operated--the user behaviour and the smart contract accepting 0 tx.
I think that the other community members here on the forum did not lack a reminder to crypto enthusiasts entering the world of crypto. We should always make it a habit to double-check the wallet address that we send or deposit to avoid this method of merciless hackers.
So anyway, thank you dude for this matter of giving once more reminders to the members here in the forum.
So anyway, thank you dude for this matter of giving once more reminders to the members here in the forum.
Scam alert: Metamask warns crypto users about address poisoning
While exploring the Binance news tab I found this article which highlights how a hacker is stealing the crypto assets by switching the address by matching the characters we normally use to send funds so beware of copying and pasting the recipient address no matter what kind of wallet your using and crosscheck all the characters not prefix and random alone.
While exploring the Binance news tab I found this article which highlights how a hacker is stealing the crypto assets by switching the address by matching the characters we normally use to send funds so beware of copying and pasting the recipient address no matter what kind of wallet your using and crosscheck all the characters not prefix and random alone.
Thanks for the warning OP. I just read through the article and i have to say, that i am not sure though how high the success rate of those hacking attempt is. I would guess that it is extremely low, which is a very good thing of course. So the scammer sends you a worthless token from an adress that is identical to yours on the first and also on the last number but not in between. That is all.
This means you have to make a few big mistakes at the same time in order to send the scammer your money. First of all you have to copy the address you want to sent to from a completely different location within metamask than you usually do and secondly you have to be completely blind at the same time to not see that the address is not the same as usual.
This type of scam isn’t new. It’s been happening for a while, most likely it’s able to be carried out by hackers if you unfortunately download malware on your device. When you copy an address to send crypto to he/she is able to switch around some letters/numbers in the middle of the address & send to an address they are in control of which is very similar to the one you use. It’s commonly known as a clipboard hack.
The only way to minimise the risk here is don’t go on shady sites using a device you use for crypto. Don’t download movies, torrents, files. Don’t use a VPN, don’t use the device for pretty much anything other than crypto. You shouldn’t be using the device you use for crypto for regular browsing & leisure. You need a seperare device for crypto, it’s the best way to keep it clean.
The only way to minimise the risk here is don’t go on shady sites using a device you use for crypto. Don’t download movies, torrents, files. Don’t use a VPN, don’t use the device for pretty much anything other than crypto. You shouldn’t be using the device you use for crypto for regular browsing & leisure. You need a seperare device for crypto, it’s the best way to keep it clean.
This is a common ransomware that focus on the clipboard malware attack, if you're sending a transaction forward to an address, make sure that you check the address to be correct from the one you copied and you might have pasted it before sending the transaction, this could be a costly mistake because transactions are irreversible regardless of the mistakes, and those that uses metamask crypto wallet needed to be extra more careful because they are dealing with multiple cryptos which they can got infected from any side where they were being open and careless from the sites they visit.
And this could be related to this, What is a Clipboard Hijacker?.
Clipboard hijacking is more advanced than this if I am not wrong where the hacker replaces the recipient address with his desired destination address, but the attack explained in the article says the hacker doesn't replace the address but matches the address with similar one and hoping the victim will choose the wrong address and send funds to it.
So is the hacker able to change the copy/paste of my Metamask wallet for example,as I have been using it since Ethereum moved to PoS and I have a lot of Ethereum Fair and some Ethereum PoW there.However I never have received such warnings and maybe this is because I only send and receive money with websites I fully trust,I do not venture in uncharted territories and above all I am using Linux which I think it has an added layer of security because hackers target Windows devices as most of people use that system (not long ago,in fact very recently that manager who got hacked through his system I believe he was using Windows).
Nevertheless a good advice for people using Windows and not only,even for us who use Linux it is always a good practice to double check where we are sending money.
Nevertheless a good advice for people using Windows and not only,even for us who use Linux it is always a good practice to double check where we are sending money.
Thanks for this, and that is why it is very important to check everything first before sending any to a address. Because hackers are clever enough to change the first and last of any address that it looks very similar to the one you are sending.
So if you are not that careful you might fall for this trick.
And this could be related to this, What is Clipboard Hijacker?.
So if you are not that careful you might fall for this trick.
And this could be related to this, What is Clipboard Hijacker?.
Scam alert: Metamask warns crypto users about address poisoning
While exploring the Binance news tab I found this article which highlights how a hacker is stealing the crypto assets by switching the address by matching the characters we normally use to send funds so beware of copying and pasting the recipient address no matter what kind of wallet your using and crosscheck all the characters not prefix and random alone.
I will quote the important part of the article and will leave the link below.
source: Scam alert: MetaMask warns crypto users about address poisoning
While exploring the Binance news tab I found this article which highlights how a hacker is stealing the crypto assets by switching the address by matching the characters we normally use to send funds so beware of copying and pasting the recipient address no matter what kind of wallet your using and crosscheck all the characters not prefix and random alone.
I will quote the important part of the article and will leave the link below.
Quote
While the attempt would not give the hackers access to user wallets, people who may have gotten into the habit of copying their wallet address from the transaction history before sending digital asset balances could potentially send their funds to copycat addresses.
Because of this, the wallet provider warned users always to be careful and double-check their transactions before sending their balances. The firm highlighted that it would be best to check every single character of the wallet address to make sure that the funds will be sent to the correct wallet.
Because of this, the wallet provider warned users always to be careful and double-check their transactions before sending their balances. The firm highlighted that it would be best to check every single character of the wallet address to make sure that the funds will be sent to the correct wallet.
source: Scam alert: MetaMask warns crypto users about address poisoning
Jump to: