01-07-2023, 11:08 PM
UPDATE - I didn't got any malware, I got Address Poisoning Attacked
<!-- SC_OFF --><div class="md"><p>Hi,</p> <p>I recently made a post (<a href="https://www.reddit.com/r/CryptoCurrency/comments/105kx22/i_just_got_phished_for_5k_in_the_worst_possible/">https://www.reddit.com/r/CryptoCurrency/comments/105kx22/i_just_got_phished_for_5k_in_the_worst_possible/</a>) in which I initially thought I got a malware or virus which changed my wallet address while pasting however after reading many articles and recalling what happened, I can assure that it was Address Poisoning Attack.</p> <hr/> <p><strong>What it Address Poisoning Attack:</strong> It is an attack in which attacker send a spoof transaction from my own wallet address to my previously used address where I sent USDT/USDC/ETH etc.</p> <p>In my case, they sent transactions from my own address (using smart contract) to their fake addresses which looks exactly similar to mine on the first look.</p> <p><strong>This is what I saw in my ledger:</strong> <a href="https://i.imgur.com/DRQEyUr.png">https://i.imgur.com/DRQEyUr.png</a></p> <p>On 1st Jan, 2023 at 1:33 PM, I sent 5000 USDT to Binance.</p> <p>After that, I got 7 spoof transactions in which all were sent to similar address as of the real binance address.</p> <p>This is how a transaction looks like when clicked: <a href="https://i.imgur.com/xAQAs45.png">https://i.imgur.com/xAQAs45.png</a></p> <p>So, I clicked this transaction and copied the <strong>To</strong> account and pasted it in my ledger.</p> <p>Today at 2:25 PM, I sent 5000 USDT to Binance, little did I know that it wasn't real one.</p> <hr/> <p>Now, this is my own fault. In my defense, I will say that I always sent any amount by checking first 4 digits and last 4 digits of my wallet address. I have been using this Binance Address since 2021 and I remember the last 4 digits orally.</p> <p>Until today, I never knew Vanity Address Generation is possible in Ethereum. It was a very smart attack by the attackers and now I am feeling a fool. </p> <p>I am just posting it here so that all of you can learn from my $5000 mistake. I am not going to get it back as the hacker used Tornado.cash to add MATIC balance to their addresses.</p> <p>If anyone want to help me a little bit, you know my wallet. I would appreciate it.</p> </div><!-- SC_ON --> submitted by <a href="https://www.reddit.com/user/ImThour"> /u/ImThour </a> <br/> <span><a href="https://www.reddit.com/r/CryptoCurrency/comments/105wm3t/update_i_didnt_got_any_malware_i_got_address/">[link]</a></span> <span><a href="https://www.reddit.com/r/CryptoCurrency/comments/105wm3t/update_i_didnt_got_any_malware_i_got_address/">[comments]</a></span>
<!-- SC_OFF --><div class="md"><p>Hi,</p> <p>I recently made a post (<a href="https://www.reddit.com/r/CryptoCurrency/comments/105kx22/i_just_got_phished_for_5k_in_the_worst_possible/">https://www.reddit.com/r/CryptoCurrency/comments/105kx22/i_just_got_phished_for_5k_in_the_worst_possible/</a>) in which I initially thought I got a malware or virus which changed my wallet address while pasting however after reading many articles and recalling what happened, I can assure that it was Address Poisoning Attack.</p> <hr/> <p><strong>What it Address Poisoning Attack:</strong> It is an attack in which attacker send a spoof transaction from my own wallet address to my previously used address where I sent USDT/USDC/ETH etc.</p> <p>In my case, they sent transactions from my own address (using smart contract) to their fake addresses which looks exactly similar to mine on the first look.</p> <p><strong>This is what I saw in my ledger:</strong> <a href="https://i.imgur.com/DRQEyUr.png">https://i.imgur.com/DRQEyUr.png</a></p> <p>On 1st Jan, 2023 at 1:33 PM, I sent 5000 USDT to Binance.</p> <p>After that, I got 7 spoof transactions in which all were sent to similar address as of the real binance address.</p> <p>This is how a transaction looks like when clicked: <a href="https://i.imgur.com/xAQAs45.png">https://i.imgur.com/xAQAs45.png</a></p> <p>So, I clicked this transaction and copied the <strong>To</strong> account and pasted it in my ledger.</p> <p>Today at 2:25 PM, I sent 5000 USDT to Binance, little did I know that it wasn't real one.</p> <hr/> <p>Now, this is my own fault. In my defense, I will say that I always sent any amount by checking first 4 digits and last 4 digits of my wallet address. I have been using this Binance Address since 2021 and I remember the last 4 digits orally.</p> <p>Until today, I never knew Vanity Address Generation is possible in Ethereum. It was a very smart attack by the attackers and now I am feeling a fool. </p> <p>I am just posting it here so that all of you can learn from my $5000 mistake. I am not going to get it back as the hacker used Tornado.cash to add MATIC balance to their addresses.</p> <p>If anyone want to help me a little bit, you know my wallet. I would appreciate it.</p> </div><!-- SC_ON --> submitted by <a href="https://www.reddit.com/user/ImThour"> /u/ImThour </a> <br/> <span><a href="https://www.reddit.com/r/CryptoCurrency/comments/105wm3t/update_i_didnt_got_any_malware_i_got_address/">[link]</a></span> <span><a href="https://www.reddit.com/r/CryptoCurrency/comments/105wm3t/update_i_didnt_got_any_malware_i_got_address/">[comments]</a></span>