Growing Losses from Address Poisoning Attacks
According to a new report by analytics firm Scam Sniffer, victims of Ethereum address poisoning attacks have lost over $62 million since December 2022. Attackers use 'dust' transactions to 'pollute' users' wallets, then drain funds from these compromised addresses.
This scheme has become especially popular after the Fusaka upgrade, which simplified and reduced the cost of carrying out such attacks. Experts say that now cybercriminals can poison wallets for pennies.
Mobile wallets and services with open APIs, where it's easy to track all incoming transactions, are the most vulnerable. Newcomers to the crypto space, unfamiliar with these tactics, are also common targets.
How to Protect Against Address Poisoning?
- Use cold wallets. Hardware wallets, not connected to the internet, are much less susceptible to attacks.
- Enable transaction filtering. Desktop and mobile wallets have settings to block incoming dust transactions.
- Be cautious with open APIs. Services with open APIs are more prone to monitoring and wallet address tracking for attacks.
- Learn to spot fraud signs. Familiarize yourself with suspicious transactions and addresses to prevent wallet takeover in time.
Although address poisoning attacks have become more widespread, they can be avoided by taking basic precautions. The crypto community needs to be more proactive in educating users about new threats and protection methods.