The security team at Binance created an algorithm that has already detected millions of poisoned crypto addresses, according to new reports.
The team said that they have developed a unique method of identifying poisoned addresses and this helps them alert users before they send money to criminals. The algorithm was already useful in identifying and flagging over 13.4 million spoofed addresses on BNB Smart Chain and 1.68 million on Ethereum.
Binance teams up with HashDit Web3 security firm
Address poisoning or spoofing is a deception trick in which scammers send a small amount of crypto to a wallet that closely resembles the potential victim’s address to make it part of the wallet’s transaction history. The bad actors do this in the hope that the victim will accidentally copy and send funds to their address.
Binance’s new algorithm detects spoofed addresses by identifying suspicious transfers, such as the ones with near zero value or unknown tokens, pairing them with potential addresses of the victims. They are able to timestamp malicious transactions to find the potential point of poisoning.
Binance noted that a lot of crypto service providers use the HashDit’s API to boost defenses against various scams. The exchange also offered the example of Trust Wallet which uses the database of poisoned addresses to alert users when they are about to transfer funds to a bad actor’s recipient.
This new algorithm will help flag spoofed addresses on HashDit’s user-facing products, MetaMask Snaps, and web browser extension.
Address poisoning, a growing concern
The necessity of such a useful algorithm was seen especially two weeks ago after an unknown trader lost $68 million to an address-poisoning scam. The user sent $68 million worth of Wrapped Bitcoin in a single transaction to a spoofed address on May 3.
Surprisingly, the thief returned the amount on May 13 after various on-chain investigators shed light on his potential Hong Kong-based IP address.
The result suggested that the bad actor was not necessarily a white hat hacker, but a thief who became scared of public shaming following the scam.
Even though address poisoning scams may seem easily avoidable, most traders only check the first and last digits on the wallet’s 42 alphanumeric characters, considering that most protocols display only these.
Scammers also rely on vanity address generators to customize their addresses in such a way to seem less random or more similar to a given address, Binance noted.
Hopefully, Binance’s new algorithm can help prevent such scams in the future.