In a sophisticated cyber attack that lasted from November 26th to December 3rd, a skilled hacker specializing in “address poisoning” stole approximately $2.05 million from around 10 users of Safe Wallet, a popular cryptocurrency storage service. This revelation comes from Scam Sniffer, a leading platform for fraud detection in Web3, which closely monitored the situation.
A Trail of Financial Ruin
Further data analysis from Dune Analytics by Scam Sniffer sheds light on the broader impact of these internet criminals’ activities. Over the past four months, it is believed that the attacker himself collected a total of $5 million and targeted 21 victims. In one notable case, a user deposited $10 million worth of cryptocurrencies into their safe wallet, but suffered a loss of $400,000 – a narrow escape considering the potential magnitude of the loss.
Understanding Address Poisoning
The method, known as “address poisoning,” involves creating a cryptocurrency address that closely resembles the victim’s regular transaction addresses, often matching the starting and ending characters. The attacker then sends a small amount of cryptocurrency from this newly created wallet to the target, thus “poisoning” their transaction record. Unwitting victims, failing to notice subtle differences, may mistakenly send large sums of money to the attacker’s address instead of the intended recipient.
High-Profile Case: Florence Finance
A major address poisoning incident was reported on November 30th, impacting Florence Finance, an asset-backed lending protocol. The platform suffered a significant loss of $1.45 million in USDC. Peck Shield, a blockchain security firm, detailed how the attacker used an address with similar beginning and ending sequences to the original address, deceiving the protocol.
The Need for Vigilance and Enhanced Security
This concerning trend in address poisoning attacks highlights the urgent need to strengthen security measures in the cryptocurrency space. While authorities and cybersecurity experts tirelessly work to track down and apprehend the perpetrator, users must exercise increased vigilance. Users are advised to double-check transaction details and adopt additional security measures to protect their digital assets.
Important Notice: The content of this article is for informational purposes only and should not be construed as financial advice. Chinwa.tech assumes no responsibility for any investment decisions made based on the information provided herein. It is strongly advised to seek the guidance of a qualified specialist or financial advisor before making any investment choices.