Binance’s new security measures aim to protect users from spoofed addresses.
Binance, the world’s largest cryptocurrency exchange, has introduced a groundbreaking solution to combat the growing threat of address poisoning fraud. The scheme follows a major exploit that saw traders lose $68 million to such scams. A new algorithm developed by the Binance security team successfully identified millions of spoofed addresses on the BNB Smart Chain and Ethereum.
How the Algorithm Works
Sophisticated algorithms work by detecting and flagging potentially tainted addresses before the user initiates a transaction. It specifically looks for suspicious transfers involving minimal value or unrecognized tokens linked to legitimate user addresses. By analyzing the timing of these malicious transactions, algorithms can pinpoint the moment when an address was likely compromised.
Binance’s report highlights that over 13.4 million spoofed addresses have been identified on the BNB smart chain, with a further 1.68 million identified on Ethereum. This address is now recorded in the database of HashDit, a Web3 security company in partnership with Binance. This database can be accessed by other cryptocurrency service providers, strengthening the community’s overall defenses against such scams.
Broad industry impact
Services like Trust Wallet leverage HashDit’s API to warn users about potential risks associated with spoofed addresses. Additionally, the algorithm will be integrated into user-facing products, web browser extensions, and MetaMask Snaps to further extend protection across the cryptocurrency ecosystem.
Challenges of Address Addiction
Address poisoning involves fraudsters sending small amounts of digital assets to a wallet that closely mimics the potential victim’s address. This method leverages the common user practice of only checking the first and last few characters of an address. Scammers often use virtual address generators to create addresses that look similar to real addresses, making it difficult for users to identify any discrepancies without thorough verification.
Recent Scams and How to Fix Them
The need for these preventative tools was further highlighted by a recent incident in which $68 million in wrapped Bitcoin was mistakenly sent to a spoofed address. Surprisingly, the stolen funds were returned after on-chain investigators traced the fraudster’s IP address to Hong Kong, suggesting the thief had become uneasy due to the heightened scrutiny.