Binance Combats Address Poisoning Scams Issue

Binance combats Address poisoning scams issue by developing a new “antidote” to help against such attacks.

The security professionals at Binance have devised a “preventative measure” against the increasing prevalence of address poisoning schemes, which deceive investors into voluntarily transferring funds to a bogus address.

According to a report shared with Cointelegraph, the security team of the largest cryptocurrency exchange in the world devised an algorithm that detected millions of compromised crypto addresses:

“We have developed a unique method of identifying poisoned addresses, which helps us to alert users before they send money to criminals and was instrumental in identifying and flagging more than 13.4 million spoofed addresses on BNB Smart Chain and 1.68 million on Ethereum.”

Address poisoning, also known as address spoofing, is a deceptive technique in which fraudsters insert a small number of digital assets into a wallet that resembles the address of the potential victim. The objective is to include the funds in the wallet’s transaction log, hoping that the target will inadvertently transfer funds to the compromised account.

The algorithm employed by Binance initially discerns spoofed addresses by coupling suspicious transfers—those exhibiting unknown tokens or values approaching zero—with potential victim addresses. Subsequently, malicious transactions are timestamp-validated to pinpoint the possible point of poisoning.

According to Binance’s report, the spoofed addresses are registered in the database of HashDit, Binance’s security partner and a Web3 security firm. This registration will help protect the broader cryptocurrency industry against poisoning schemes.

“Many cryptocurrency service providers use HashDit’s API to boost their defenses against a variety of scams. One of them, for example, is Trust Wallet, which uses the database of poisoned addresses to alert users when they are about to transfer funds to a spoofed recipient.”

Additionally, this algorithm will flag counterfeit addresses on MetaMask Snaps, user-facing products, and web browser extensions developed by HashDit.

Address poisoning is a developing concern in the wake of a $68 million fraud

A preventive algorithm became imperative two weeks ago after an unidentified trader’s financial loss of $68 million due to an address-poisoning scheme. On May 3, they inadvertently transferred $68 million worth of Wrapped Bitcoin (BTC) to a spoofed address in a single transaction.

The criminal returned the $68 million on May 13, an advantageous and enigmatic development that occurred after multiple on-chain investigators began to uncover his possible Hong Kong-based IP addresses. This indicates that the fraudster was a thief who succumbed to public apprehension subsequent to the scheme rather than a white-hat hacker.

Although address poisoning schemes may appear trivial to circumvent, most traders only validate the initial and final digits of the wallet’s 42 alphanumeric characters, given that most protocols only display such figures.

According to Binance, scammers complicate matters further by customizing their addresses to appear less arbitrary or more similar to a given address using vanity address generators.

“An authentic Ethereum address like 0x19x30f…62657 could be spoofed using a similar-looking 0x19x30t…72657, which can be totally different in the middle while maintaining the first and last few characters.”