Despite hacks and scams regularly hogging the spotlight for the bigger part of 2022, overzealous fraudsters came up with a new method to steal money from crypto wallets. Address poisoning is a new phishing attack that involves changing the Secret Recovery Phrase, then modifying the transaction history. The main difference between address poisoning and the usual scamming technique is that address poisoning heavily relies on the user’s carelessness.
.tweet-container,.twitter-tweet.twitter-tweet-rendered,blockquote.twitter-tweet{min-height:261px}.tweet-container{position:relative}blockquote.twitter-tweet{display:flex;max-width:550px;margin-top:10px;margin-bottom:10px}blockquote.twitter-tweet p{font:20px -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Helvetica,Arial,sans-serif}.tweet-container div:first-child{ position:absolute!Important }.tweet-container div:last-child{ position:relative!Important }
They use an address with the same first & last few characters as the real transaction you sent; in hopes you will not check the full address, and instead copy theirs in a future txn. (2/3) - More detail here: https://t.co/xGxNgRX4WM)— MetaMask Support (@MetaMaskSupport) January 11, 2023
How Address Poisoning Works
The leading DeFi crypto wallet provider MetaMask penned a long blog post warning crypto enthusiasts around the globe to double-check the crypto wallet addresses and spread the word about address poisoning to prevent money loss. Firstly, the culprit exploits the victim’s transaction history. For address poisoning to work in full effect, the fraudster generates similar ‘vanity’ addresses to the one a user has.
Indeed, crypto wallet addresses are very hard to remember, because of the cryptographically generated hexadecimal numbers. Hackers tend to instill these new addresses in the counterfeit transaction history, and usually, there’s no visual difference between the actual crypto wallet address and the fake one.
Secondly, once the scammer has created a similarly-looking crypto wallet address, the evildoer sends a transaction of a small value to the newly created dummy wallet. After this happens, the user’s crypto wallet is ‘poisoned.’ This is because the transaction history on MetaMask or any other DeFi wallet shows the hacker’s new address, which is visually unidentifiable as different. Most crypto enthusiasts visually indicate their wallet by the starting and ending characters, while the middle part of an address is rarely remembered.
Finally, this creates an opportunity for the hacker to contaminate the wallet dummy addresses. The next time the unsuspecting user tries to copy the crypto wallet address from the transaction history, the funds might end up in the almost identically-looking hacker’s wallet.
This new 'address poisoning' scam is crazy.Like and retweet to help others be aware of this.Personally I ALWAYS just blindly copy and paste my crypto addresses in... pic.twitter.com/keMEKo3Gme— MASON VERSLUIS (@MasonVersluis) January 12, 2023
How to Prevent Address Poisoning
Luckily, there are a few go-to methods to prevent the bad actors of crypto from stealing your money. Naturally, the easiest solution to this problem is simply double-checking the crypto wallet addresses before sending the funds. Here are two more advanced workarounds for crypto enthusiasts fearing getting contaminated with address poisoning.
They use an address with the same first & last few characters as the real transaction you sent; in hopes you will not check the full address, and instead copy theirs in a future transactions.What to do:Double check copied addresses from transaction history. pic.twitter.com/L3D59BDp9V— PRINCE ADJEI (ONSCOLO)~Klever Satellite LEACH (@OnscoloAdjei) January 12, 2023
1) Use an address book
In most cases of address poisoning, having an address book instead of copying crypto wallet addresses from personal transaction history should solve the problem. The feature can be accessed on MetaMask by going to Settings > Contacts.
In this way, there are two issues immediately fixed. Firstly, the wallet owner won’t have to copy-paste the addresses, erasing the possibility of copy-pasting the bogus address. Moreover, the address book requires confirmation before putting addresses on it. The hapless hackers cannot change the addresses submitted by the wallet owner.
You can protect yourself by double-checking the full address, or by using the Address Book feature. If you need help: 'Menu > Support' in-app, or from the web: https://t.co/7YSoVzs7wa - 'Start a Conversation' button, the chatbot will ask a few questions. 3/3— MetaMask Support (@MetaMaskSupport) January 11, 2023
2) Use a cold wallet
Another effective way of rescuing oneself from the hassle of trying to retrieve lost crypto funds has a cold wallet. Hence, a self-custody wallet not connected to the internet is less susceptible to fraudulent phishing attacks by evil computer geniuses. On top of that, cold hardware wallets form a habit of checking and confirming every transaction sent.
Besides, the second layer of security in such a case could be ‘test transactions.’ These are carried out by sending a nominal amount of money and then waiting for the confirmation that the recipient’s address is indeed the correct one. However, test transactions are unpopular among the crypto community, as it requires double the gas fees.
On the Flipside
- Having a cold hardware wallet reduces the chances of getting hacked.
- However, there’s been reports that cybercriminals managed to poison cold wallet addresses.
- Hence, there’s no way to stop scammers from sending money to your crypto wallet.
- A habit of “continual scrutiny” is recommended by MetaMask.
Why You Should Care
While ‘address poisoning’ is a relatively new scamming technique, 2022 was one of the most active years in crypto hacks and scams. Ultimately, the crypto transgressors tend to carry out phishing exploits in most cases.
Learn more about the most gripping hacks and scams:
Fake Pokémon NFT Game Infests Users’ Computers With Malware
He Fell Victim to Crypto Romance Scam: What’s Waiting Ahead?