Address Poisoning Attacks: What You Need to Know

Address poisoning attacks have come to the fore in 2023 as one of the leading vectors of fraud orchestrated by threat actors in the Crypto World. 

The basic underlying premise of this phenomenon is simple: to hoodwink the victim into sending money to the threat actor’s address by creating transactions purposely made to mislead the target.

The discussed type of attacks were first observed at the end of 2022. However, the modus operandi has been able to swindle millions of dollars from investors — and counting.

Observing the concept

In essence, such attacks are attempts made by cybercriminals to compromise, misuse, or alter cryptocurrency wallet addresses. This attack vector can result in the theft of tokens and blockchain outages.

The threat actors using this technique often target Ethereum (ETH) users. Consequently, users of blockchains that support the Ethereum Virtual Machine (EVM), such as Binance Chain, Avalanche, or Polygon are often targeted. These blockchains are targeted because of their low transaction fees, making it easy to deploy such fraudulent schemes to a wide user base on a large scale.

The cybercriminals’ goal is obvious: to be able to trick unsuspecting users into transferring their assets to a fraudulent crypto wallet address intended to mimic their own.

For instance, the attacker may create a “vanity” cryptocurrency wallet address, which can be a personalized address using a particular set of characters designed to purposely misdirect a victim by making it look like their intended recipient’s address.

When the victim copies the crypto address from a previous transaction, they may inadvertently send their digital assets to the fraudulent or spoofed address. Therefore, one of the best ways to avoid address poisoning attacks is to manually confirm the crypto address they are transacting with before sending assets to ensure that they are sent to the intended account.

Different types of attacks

Attacks come in a variety of vectors. Here are among the most common ones observed thus far in the crypto sphere:

1. Phishing attempts. Cybercriminals create fake websites, emails, or messages closely resembling crypto businesses designed to deceive users into revealing login details or private keys, enabling fraud and misuse.
2. Transaction interception. Threat actors intercept legitimate crypto transactions and change the destination address to a wallet under their control through compromised user devices or networks.
3. Address reuse. Attackers scan the blockchain for recycled addresses, identifying vulnerabilities exposed by repetitive transactions to access user wallets and steal digital assets.
4. Sybil attacks. This attack involves creating multiple fake nodes to gain control over a blockchain, potentially enabling alteration of transactions and threatening network security.
5. Spoofed addresses/QR codes. Cybercriminals may distribute spoofed payment addresses or QR codes, deceiving users into sending cryptocurrencies to a wallet under attackers’ control.
6. Smart contract vulnerabilities. Exploits in decentralized apps or smart contracts may enable threat actors to steal funds or cause outages in decentralized finance protocols, leading to financial loss.

Tips on staying safe

Cybercriminals tend to target users who often transact large sums in cryptocurrencies.

The best defense against an attack is to arm yourself with the knowledge of how they work. Then, ignore sketchy-looking transactions and mode of operation linked to address poisoning attacks.

In closing, here are some guidelines to reduce your likelihood of falling prey to an address poisoning attack:

1. Set up transaction alerts. Certain wallets and instruments enable you to set up notifications when your address transacts with smart contracts. They can be utilized to confirm your regular transactions and identify potential red flags or misuse involving your address.
2. Make a trusted list of contacts. Attacks work by deceiving you into sending funds to a wallet you think you own or someone you usually transact with. By creating a contact list of addresses you regularly interact with, you can completely eliminate your risk of falling prey to this fraud.
3. Use trusted sources. When transacting with crypto addresses for the first time, always refer to a trusted source to determine the recipient’s address. This could be through official sources like their website, social media accounts, or verified communication channels. Don’t click on links from dubious sources, and don’t send funds without double-checking the recipient’s address.
4. Use a crypto wallet name service. Ethereum and Binance Chain users can use name service addresses such as the Ethereum Name Service or the BSC Name Service. These customizable addresses add another layer of security because of their shorter length and their distinct naming convention.

If you follow these tips, you might save yourself from becoming a target of crypto fraudsters. Looking for more articles like this one? Make sure to read 5 Main Risks of a Crypto Wallet and How to Protect Yourself in the Metaverse.

SimpleSwap reminds you that this article is provided for informational purposes only and does not provide investment advice. All purchases and cryptocurrency investments are your own responsibility.