Victim loses over $71 million worth of WBTC in purported 'address poisoning' attack
Quick Take
- Someone lost around $71 million worth of wrapped bitcoin in what appears to be an “address poisoning” attack.
- A poisoning attack involves the attacker mimicking the victim’s address to trick them into sending funds to the wrong destination.
Someone lost over $71 million worth of wrapped bitcoin (WBTC) in what appears to be an address poisoning attack.
The victim transferred 1,155 WBTC ($71.1 million) to the alleged attacker, according to on-chain transfers from the Etherscan blockchain explorer.
A poisoning attack when the hacker conjures a wallet address similar to the victim's, either through vanity address services or through address mining, and spams the victim with numerous transactions. If the victim accidentally copies the hacker's fake address, they'll have transferred their funds to the hacker instead of to their own.
The hacker's address has since been marked "fake" and "phishing" on the Ethereum blockchain explorer Etherscan.
Wrapped bitcoin is an ERC-token pegged 1:1 with bitcoin so that it can be used in the Ethereum ecosystem. WBTC traded at $61,644.23 at 11:13 a.m. ET (15:13 UTC) on May 3, seeing a 3.95% of $2,338 in the past 24 hours, according to The Block Prices page.
Poisoning attack basics
Attackers often mimic several of the first and last digits of a wallet address, which people frequently check when sending funds.
Binance's former CEO Changpeng 'CZ' Zhao explained that such attacks can be deceptively effective after an August 2023 security incident.
"The scammers are so good now they generate addresses with the same starting and ending letters, which is what most people check for when doing a crypto transfer," Zhao wrote on social media at the time. "In fact, many wallets hide the middle part of the address with '...' to make the UI look better. The scammer then use [sic] this address to send you dust transactions so that the address is shown in your wallet."
"Now, if you want to send to the legitimate address, you might just pick one previous transactions [sic] in your wallet and copy the address. You might just copy the wrong one," Zhao continued. "This is what happened yesterday, to a very experienced crypto operator."
Zhao added that the operator in the August incident noticed the fraudulent transaction and stopped the transfer of funds in time.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
