ZachXBT
@zachxbt
Someone lost $68M (1155 WBTC) three hours ago from an address poisoning scam by mistakenly copying the wrong address. Theft transaction 0x3374abc5a9c766ba709651399b6e6162de97ca986abc23f423a9d893c8f5f570 Victim 0x1E227979f0b5BC691a70DEAed2e0F39a6F538FD5
19 replies
7 recasts
90 reactions
John Palmer đĄ
@john
How do you think this gets done by the hacker?
1 reply
0 recast
0 reaction
Thomas
@aviationdoctor.eth
Scammer sends a very small amount of tokens to the victim from a wallet with an address whose first three hexes after 0x are identical Unsuspecting victim copies the address from their transaction history not realizing itâs not the habitual address they send to Victim proceeds to transfer to the scammerâs address
2 replies
0 recast
4 reactions
yashwantđ©
@ywc
that's exactly what happened, copy pasta from tx history. Devastating, should have set ens as primary name address. For a tx worth $70M i can spend days checking every bit of the address for atleast 100 times
1 reply
1 recast
2 reactions
Thomas
@aviationdoctor.eth
I donât know what the address they meant to send to was, but it if wasnât under their control (like a CEX, or someone elseâs), they wouldnât even have the ability to set an ENS. The truncation in the UX doesnât help
2 replies
0 recast
0 reaction
yashwantđ©
@ywc
Legit Counterpart: 0xd9A1b0B1e1aE382DbDc898Ea68012FfcB2853a91 Scammer address: 0xd9A1C3788D81257612E2581A6ea0aDa244853a91 Scammer sends the fake token to victims address that has the same 6 chars in the beginning and end
1 reply
0 recast
0 reaction
Thomas
@aviationdoctor.eth
Oof thatâs devious. I wonder how long it took the scammer to derive âvanityâ addresses with that much similarity. Iâm guessing it wasnât trivial and only worth doing for higher-value targets 100 $degen
1 reply
0 recast
0 reaction
