Binance Combats Address Poisoning Scams After $68M Loss

YEREVAN (CoinChapter.com) — Binance, the world’s largest cryptocurrency exchange, has developed a new algorithm to tackle “address poisoning.” So far, the algorithm has detected over 13.4 million spoofed addresses on the BNB Smart Chain and 1.68 million on the rivaling Ethereum blockchain.

Address poisoning, also known as address spoofing, is a tactic where scammers send small amounts of digital assets to a wallet. They hope that the victim will later mistake the scam address for their own and send funds to it.

Binance‘s algorithm launch comes two weeks after an unknown trader lost $68 million to an address-poisoning scam. The scammer returned the funds on May 13. On-chain investigators had exposed the scammer’s potential Hong Kong-based IP addresses, leading to the return of the stolen funds.

According to Binance, Trust Wallet is one example of a service that uses this database to alert users about potential spoofed addresses. The algorithm also flags these addresses on HashDit’s user-facing products, including web browser extensions and MetaMask Snaps.

How Binance’s Algorithm Works Against Address Poisoning

Binance’s algorithm notes that many traders only verify the first and last digits of a wallet’s 42-character address, making them vulnerable to address poisoning scams.

Scammers use vanity address generators to create addresses that look similar to the victim’s, increasing the chances of deception. For instance, an authentic Ethereum address like 0x19x30f…62657 could be spoofed as 0x19x30t…72657, differing only in the middle characters.

The algorithm identifies suspicious transfers, such as those with near-zero value or unknown tokens. It then pairs these transactions with potential victim addresses and timestamps them to locate the poisoning attempt.

Partnership with HashDit Enhances Security

Once identified, these spoofed addresses are registered in a database managed by Web3 security firm HashDit. This database is used by various cryptocurrency service providers to boost their defenses against address-proofing scams.

Thus, Binance’s partnership with HashDit plays a crucial role in this new security measure. HashDit’s API is widely used by cryptocurrency service providers to protect against scams. By integrating the database of poisoned addresses, these providers can alert users before they mistakenly transfer funds to a spoofed address.

The post Binance Combats Address Poisoning Scams After $68M Loss appeared first on CoinChapter.