Every time you deposit to Binance, Coinbase, or another exchange you’re being targeted by malicious bots.

Here is what you should know to stay safe.

🔶 Here we explain an attack method known as Address Poisoning. This is an active attack that’s currently running on some blockchains like BinanceSmartChain targeting all users sending large sums.

🔶 The attack works by running automated bots configured to identify and address involved in transfers exceeding a certain amount.

Once such an address is identified the bot uses various tactics to trick the owner of the addresses to send crypto to a bot-controlled address.

🔶 For illustration we look into a case of a user making a deposit in BUSD, USDT, or USDC to his/her Binance account.

When the deposit amount matches the bot’s threshold criteria the user is targeted.

🔶 Shortly after the target user sends a deposit transaction, a bot creates another transaction that transfers 0 AMOUNT from the user’s address to a bot-controlled address (which looks similar to the user’s Binance deposit address).

🔶 Note the following:

a) Making a 0 amount from the address you don’t control Is possible due to the nature of some ERC20/BEP20 tokens. Binance’s BUSD token is no exception.

b) Bots may generate addresses that have a matching first and last 4 digits of any other address.

🔶 So, a malicious bot finds a target(victim) and generates an address similar to the target’s Binance deposit address. Then bot sends a 0 AMOUNT transfer from the target’s address to the one generated by the bot.

A bot may send a bulk transaction targeting many users at once.

🔶 As a result, the target user sees two transactions in his/her wallet app (or blockchain explorer). The one with the actual deposit and the other initiated by a bot.

Most users don’t bother about the nature of such transactions as they don’t affect the funds on balance.

🔶 Now the problem occurs when a targetted user opens one of such transactions in the future to copy the deposit address from it thinking it’s his/her deposit address for Binance.

🔶 Since most users look at the first/last 4–5 symbols of the address when copying the possibility of copying the bot’s address and sending the deposit to a bot’s controlled address is there.

🔶 The problem is further exacerbated by the fact that wallet apps do not display payment addresses in full and typically show only the first and last 5 digits of the payment address. So, the possibility of miscopying the address is always there.

🔶 To address the issue Unstoppable wallet is now able to detect all such transactions and auto-remove them from the transactions list. Also, the payment addresses are now displayed in full.

Stay safe! p.s. follow us at Unstoppable Wallet for more tips on how to stay safe