Binance’s team of security experts has developed a solution to combat the increasing number of address poisoning scams that deceive investors into sending funds to fake addresses. According to a report shared with Cointelegraph, the algorithm created by the security team at the world’s largest cryptocurrency exchange has successfully detected millions of poisoned crypto addresses.
Address poisoning, also known as address spoofing, is a deceptive tactic employed by scammers. They send a small amount of digital assets to a wallet that closely resembles the intended victim’s address. By doing so, they make it part of the wallet’s transaction history, hoping that the victim will accidentally copy and send funds to the fraudulent address.
Binance’s algorithm identifies spoofed addresses by first flagging suspicious transfers, such as those involving near-zero value or unknown tokens. These transfers are then paired with potential victim addresses, and malicious transactions are timestamped to determine the possible point of poisoning.
To protect the wider crypto industry from these scams, the spoofed addresses are registered in the database of HashDit, a Web3 security firm that is Binance’s security partner. The algorithm also helps identify spoofed addresses on HashDit’s user-facing products, web browser extensions, and MetaMask Snaps.
Address poisoning has become a growing concern, particularly after a recent incident in which an unknown trader lost $68 million to an address-poisoning scam. On May 3, the trader accidentally sent $68 million worth of Wrapped Bitcoin (wBTC) in a single transaction to a spoofed address. However, in a surprising turn of events, the thief returned the funds on May 13, possibly due to the increased attention from on-chain investigators who uncovered potential IP addresses located in Hong Kong. This suggests that the scammer was not a white hat hacker but a thief who became frightened by the public scrutiny.
Although address poisoning scams may appear easy to avoid, many traders only verify the first and last digits of a wallet’s 42-character alphanumeric code. This is because most protocols only display the first and last digits. Additionally, scammers use vanity address generators to customize their addresses, making them appear less random and more similar to legitimate addresses.
In conclusion, Binance’s innovative algorithm provides a much-needed preventive measure against address poisoning scams, safeguarding investors and the wider crypto industry.