adaseb (OP)
Legendary
 Offline
Activity: 3752
Merit: 1709
|
 |
December 04, 2022, 05:14:03 PM Merited by JeromeTash (1) |
|
This is not my address but its a similar transaction. https://etherscan.io/address/0xf5e3bf94664763949ba3b1bd20436cd90de18d07#tokentxnsThis individual sent 4000 USDT to 0x362e9b95907f88eafa33bb519c7046a32d3fb887 Then a few minutes later a 0 USDT transaction went to a similar address 0x361c73a3943094fba350f505f5506def77efb887 The last few characters are similar and first 2 are the same "0x36". Anyone know why this is happening? Obviously its not the address holders doing this transaction. Basically sent 0 USDT and 0 USDC to different addresses? Anyone know why this is happening? The transaction doing this is https://etherscan.io/tx/0xa7d38a04485864e7c4481d8258f0cc9bea335bf38d61cfaa37ae8b6c0c8d72b9Anyone know why they are doing this? Seems to be wasting fees. Is it just an etherscan bug? I know that it didn't come out of my actual address because the next nonce doesn't include this transaction, which means it never came out of my wallet. |
|
|
|
|
|
|
|
|
Whoever mines the block which ends up containing your transaction will get its fee.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
hopenotlate
Legendary
Offline
Activity: 3318
Merit: 1225
Top Crypto Casino
|
|
December 04, 2022, 06:34:45 PM |
|
Thanks for sharing this article, wans't aware of this new wave of scam : we can't even trust our own tx history anymore lol. I often do things in rush even when using cryptos but this is yet another evidence we always must take the time of doublechecking everything when sending out coins. |
|
|
|
|
len01
|
|
December 04, 2022, 08:59:26 PM |
|
|
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
|
crzy
|
|
December 04, 2022, 09:09:13 PM |
|
Is this possible even if you didn’t share any details about your wallet? I mean its more of a private wallet where you just hold your big money and no one knows about it. If this is just an old way to scam you then better not to look at it, or ignore it because many says if you make transaction about that specific token, then your details will be corrupted and you’ll get hacked. |
|
|
|
|
JeromeTash
Legendary
Offline
Activity: 2142
Merit: 1210
Heisenberg
|
|
December 04, 2022, 09:20:47 PM
Last edit: May 14, 2023, 03:45:17 PM by JeromeTash |
|
This is why it's very important to copy the deposits address from the exchange deposit address section or other person's deposit address rather than rely on transaction history Also, wallets like trust wallet should implement a feature where one can label transactions just like it is with electrum, This will help the would be victims from noticing that something is off when they attemtp to copy wallet addresses from the transaction history Something like this  |
|
|
|
|
Maestro75
|
|
December 04, 2022, 09:28:39 PM |
|
If this is just an old way to scam you then better not to look at it, or ignore it because many says if you make transaction about that specific token, then your details will be corrupted and you’ll get hacked.
Those who do it know what they want to achieve and it is something that will not favour the wallet owner. I have noticed similar thing in my trust wallet and it used to scare me until I understood that since am not claiming the suspicious tokens nothing bad happens to my wallet. I have learned to just ignore it whenever I notice it nowadays. Criminals everywhere online seeking who to swallow. |
|
|
|
|
serjent05
Legendary
Offline
Activity: 2842
Merit: 1253
Cashback 15%
|
|
December 04, 2022, 11:35:07 PM |
|
Anyone know why they are doing this? Seems to be wasting fees. Is it just an etherscan bug?
As Ratimov posted link stated. That is for preparation to make you make a mistake if somehow you copy-pasted an address from your history. If you don't copy-paste an address from your transaction history, then you are safe. So this is like creating an opportunity for the sender to make a mistake and send the amount to the address that is created specifically for this attack. So to avoid being a victim of this Address Poisoning Attack, Make sure you don't copy the address from your transaction history. |
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
adaseb (OP)
Legendary
Offline
Activity: 3752
Merit: 1709
|
|
December 05, 2022, 05:19:25 AM |
|
Thanks for posting that article. It all makes sense now.
I am really surprised that etherscan makes the transaction appear out of my wallet. And I also found it very odd that the destination address of mine was very similar with the first and last characters identical.
Crazy how so far they gained almost $2M cheating people this way.
|
|
|
|
|
yazher
|
|
December 05, 2022, 05:31:36 AM |
|
I wonder how they did this that's why it feels strange when my wallet received some shit tokens and I ended up not using it anymore cause I've been using my BSC wallet on NFT games and others back then. It might be the same reason they got my wallet address and decided to send me those traps. They are really getting updated with their scams as well and if we don't read and learn from here, we might end up falling into their trap one day. |
|
|
|
|
jossiel
|
|
December 05, 2022, 07:21:12 AM |
|
I saw the same events just as what happened to you and to my surprise: Crazy how so far they gained almost $2M cheating people this way.
That's already a lot if they've gained this much by doing this. I think to have a better exposure to this type of attack, the crypto news media should have their initiative to have it covered in their articles especially the most popular ones. |
Signature for rent
|
|
|
|
Crypt0Gore
|
|
December 05, 2022, 07:24:18 AM |
|
If this is just an old way to scam you then better not to look at it, or ignore it because many says if you make transaction about that specific token, then your details will be corrupted and you’ll get hacked.
Those who do it know what they want to achieve and it is something that will not favour the wallet owner. I have noticed similar thing in my trust wallet and it used to scare me until I understood that since am not claiming the suspicious tokens nothing bad happens to my wallet. I have learned to just ignore it whenever I notice it nowadays. Criminals everywhere online seeking who to swallow. You did the right thing, also trust wallet devs are aware of those scam tokens so they won't appear in your wallet as a valid token, you won't even know that you have such token unless you use ether scan to scan your wallet address. |
|
|
|
adaseb (OP)
Legendary
Offline
Activity: 3752
Merit: 1709
|
|
December 05, 2022, 04:13:13 PM |
|
I wonder how they did this that's why it feels strange when my wallet received some shit tokens and I ended up not using it anymore cause I've been using my BSC wallet on NFT games and others back then. It might be the same reason they got my wallet address and decided to send me those traps. They are really getting updated with their scams as well and if we don't read and learn from here, we might end up falling into their trap one day. Getting scam tokens depossited into your wallet is nothing knew. Its been going on for years. Basically they deposit some fake token like USDT Coin and give you like 1,000,000 tokens and they list some scam website, in the same website you can exchange 1,000,000 of the token for $1,000,000 but the trick is to get your private key, this is obviously an old scam and not the same. This scam is different because it makes it seem like the token transfer came out of your wallet. At first you think your seed is compromised however when you look closer it seems like its some exploit, which it is. |
|
|
|
|
Oneandpure
|
|
December 05, 2022, 06:37:45 PM |
|
Unique way how to scam us by sending 0 USDT, but this first cases I heard because last week my friend update received 0 USDT amount but with BSC chain network not ERC20. I can't explain yet how this possibility happen, have different label fake USDT and real USDT or not? Still looking for with scammer how exploit our main wallet by sending fake USDT with 0 amount, actually have different contract with real stable coins with fake stable coin and right now scammer one step forward with their smart ideas how to scam us.
|
| │ | ███████████████████████
███████████████████████
███████████████████████
███████████████████████
███▀▀▀█████████████████
███▄▄▄█████████████████
███████████████████████
███████████████████████
███████████████████████
█████████████████████
███████████████████
███████████████
████████████████████████ | ███████████████████████████
███████████████████████████
███████████████████████████
█████████▀▀██▀██▀▀█████████
█████████████▄█████████████
████████▄█████████▄████████
█████████████▄█████████████
█████████████▄█▄███████████
██████████▀▀█████████████
██████████▀█▀██████████
▀███████████████████▀
▀███████████████▀
█████████████████████████ | | | O F F I C I A L P A R T N E R S
▬▬▬▬▬▬▬▬▬▬
ASTON VILLA FC
BURNLEY FC | │ | | │ | | BK8? | | | █▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄ | .
PLAY NOW | ▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄█ |
|
|
|
MikkisJ
Member
Offline
Activity: 126
Merit: 11
|
|
December 05, 2022, 10:39:24 PM |
|
This scam is different because it makes it seem like the token transfer came out of your wallet. At first you think your seed is compromised however when you look closer it seems like its some exploit, which it is.
It is not exploit, it is a feature implemented by ETH devs, also copied to BSC. This was created on purpose, Ethereum virtual machine is coded to accept transactions from your wallet without private keys. Absolutely anyone can send any tokens from any wallet, as long it's 0. |
|
|
|
|
vv181
Legendary
Offline
Activity: 1932
Merit: 1273
|
|
December 06, 2022, 05:15:44 AM |
|
This scam is different because it makes it seem like the token transfer came out of your wallet. At first you think your seed is compromised however when you look closer it seems like its some exploit, which it is.
It is not exploit, it is a feature implemented by ETH devs, also copied to BSC. This was created on purpose, Ethereum virtual machine is coded to accept transactions from your wallet without private keys. Absolutely anyone can send any tokens from any wallet, as long it's 0. It is a bug, not an exploit, for sure it shouldn't be an intended implication of the developer's intent. This also should not be on purpose. Allowing a transaction to be accepted without user consent seriously harms the ecosystem. In the first place, things like this should be considered if they are aware of the current flawed implementation occurrence. Thus it makes no sense if the smart contract developers were allowing this to happen. |
|
|
|
|
MikkisJ
Member
Offline
Activity: 126
Merit: 11
|
|
December 06, 2022, 12:29:38 PM |
|
It is a bug, not an exploit, for sure it shouldn't be an intended implication of the developer's intent. This also should not be on purpose. Allowing a transaction to be accepted without user consent seriously harms the ecosystem. In the first place, things like this should be considered if they are aware of the current flawed implementation occurrence. Thus it makes no sense if the smart contract developers were allowing this to happen.
Of course they knew, they were the ones who created this backdoor and vulnerability in the first place. Read the code, they made the code that accepts transactions without signature of the owner of the address. Without private keys. Other crypto like BTC or XRP don't have this backdoor. |
|
|
|
|
|
cheezcarls
|
|
December 06, 2022, 01:01:54 PM |
|
Nothing new to me. I’ve received such scam tokens deposited into my multiple wallets (even cold storage) and I just simply ignored them. But back then, I could have almost fallen victim but good thing I took time to research and doing my due diligence.
You just simply do not claim them nor touching it. Just leave it as it is and nothing happens.
|
|
|
|
MikkisJ
Member
Offline
Activity: 126
Merit: 11
|
|
December 06, 2022, 09:20:52 PM |
|
Nothing new to me. I’ve received such scam tokens deposited into my multiple wallets (even cold storage) and I just simply ignored them. But back then, I could have almost fallen victim but good thing I took time to research and doing my due diligence.
You just simply do not claim them nor touching it. Just leave it as it is and nothing happens.
This is the opposite. Token are moved FROM you wallet, not to your wallet. It's 0 tokens though. |
|
|
|
|
vv181
Legendary
Offline
Activity: 1932
Merit: 1273
|
|
December 07, 2022, 11:49:07 AM |
|
It is a bug, not an exploit, for sure it shouldn't be an intended implication of the developer's intent. This also should not be on purpose. Allowing a transaction to be accepted without user consent seriously harms the ecosystem. In the first place, things like this should be considered if they are aware of the current flawed implementation occurrence. Thus it makes no sense if the smart contract developers were allowing this to happen.
Of course they knew, they were the ones who created this backdoor and vulnerability in the first place. Read the code, they made the code that accepts transactions without signature of the owner of the address. Without private keys. Other crypto like BTC or XRP don't have this backdoor. Honestly, I give the benefit of the doubt to the developers. By mean developer the initial development made by the OpenZeppelin dev, do note that as an ecosystem everyone who comprehends code can see the implication of this flawed code, but, nobody bats an eye until this flaw mechanism is being used by a scammer. The code is also used by another developer, the one who made the smart contract implementation which used the OpenZeppelin library. Though it is indeed concerning when many developers allowed this to happen, I wonder what is their reasoning. |
|
|
|
|
nikokovacic90
Newbie
Offline
Activity: 17
Merit: 0
|
|
December 07, 2022, 01:18:51 PM |
|
Can people transfer money from cold wallet? Without having them? Isnt it the main purpose of Cold Wallets to keep assets safe?
|
|
|
|
|
|
