Security experts at Binance have developed an “antidote” against the increasing cases of scams

16 May، 2024Last Updated: 16 May، 2024

1,854 2 minutes read

Security experts at Binance have developed an “antidote” against the increasing cases of address poisoning scams, which trick investors into willingly sending funds to a fraudulent address.

The security team at the world's largest cryptocurrency exchange developed an algorithm that detected millions of poisoned cryptocurrency addresses, according to a report shared with Cointelegraph:

“We have developed a unique method for identifying poisoned addresses, which helps us alert users before sending funds to criminals and has been instrumental in identifying and reporting more than 13.4 million fake addresses on BNB Smart Chain and 1.68 million on Ethereum.”

Address poisoning, or address spoofing, is a scam in which fraudsters send a small amount of digital assets to a wallet that closely resembles the potential victim's address, to make it part of the wallet's transaction history – in the hope that the victim will mistakenly copy and send the funds to their address.

Binance's algorithm detects spoofed addresses by first identifying suspicious transfers, such as those with a value close to zero or unknown tokens, pairing them with potential victim addresses, and timestamping the malicious transactions to find the potential point of poisoning.

The spoofed addresses were recorded in the database of security firm Web3 HashDit, Binance's security partner, which will help protect the broader cryptocurrency industry from toxic scams, according to a Binance report.

“Many cryptocurrency providers are using the HashDit API to strengthen their defenses against a variety of scams. One, for example, is Trust Wallet, which uses a database of poisoned addresses to alert users when they are about to transfer money to a fraudulent recipient.

The algorithm will also help flag fraudulent addresses on user-facing HashDit products, web browser extensions, and MetaMask Snaps.

Related: Post-FTX Cryptocurrency Industry Needs Education Before Regulation – Former Biden Advisor

Headline poisoning is a growing concern after a $68 million scam

The necessity of a protective algorithm became clear two weeks ago, after an unknown trader lost $68 million in an address-poisoning scam. They mistakenly sent $68 million worth of Wrapped Bitcoin (wBTC) in a single transaction to a spoofed address on May 3.

In a fortunate but mysterious turn of events, the thief returned the $68 million on May 13, after several on-chain investigators began highlighting his possible IP addresses in Hong Kong. This suggests that the scammer was not a white hat hacker, but rather a thief who became afraid of public attention after the scam.

It may seem easy to avoid address poisoning scams, but most traders only check the first and last digit of the 42 alphanumeric characters in the wallet, with most protocols only displaying the first and last digits.

To make matters more difficult, scammers rely on fake address generators to customize their addresses to appear less random or more similar to a specific address, according to Binance.

“A native Ethereum address like 0x19x30f…62657 could be spoofed using a similar address 0x19x30t…72657, which could be completely different in the middle while keeping the first and last few characters.”