Burrito Wallet (Crypto Wallet)- Web3, Let's wrap it up

See more

Sent to the address that I’ve used in the past, and it’s… gone?

Since the end of last year, many cases had been raised and shared among crypto communities that regardless of sending crypto to the normal address, deposits were not made. The image above, a case accused in Bitkeep’s customer service is a similar example.

But, is the address that I tried to send assets, really correct? 🙄

How did the attack happen?

Before the recent incident, reports of "0 USD" transactions on ETH and BSC chains have been noted, with specific criteria for the addresses where these transactions occurred.

This means that addresses with normal transactions could be at risk of having a "0 USD" transaction if they have similar front numbers or back numbers.

If you do not verify the full address, the following process in images below may lead to an accident.

② (hackers) 0USD transfer made in hacked address that has similar parts in normal address.

③ (victims) mistakenly transferred 1,000USD to hacked address, thinking the hacked address to be noraml address

Increasing Victims

Daily Records of Address Poisoning Attack Occurred in BNB Chain
[Source=Dune Dashboard https://dune.com/opang/first-and-last-address-construction] — Daily Records of Address Poisoning Attack Occurred in BNB Chain [Source=Dune Dashboard https://dune.com/opang/first-and-last-address-construction]

In a way, this attack, which causes simple mistakes, has been increasing gradually since the end of last year, which still remains as an on-going major attack.

The trend of address poising attacks as seen in Dune Analytics, an on-chain data open dashboard platform, is shown in the graph above.

According to this, the number of attacks has dramatically soared since late November 22, and the number of attacks has decreased every day between 17:00 UTC and 0:00 UTC, suggesting that attacks are taking place in Asia.

To prevent:

⚠️

Examples of Address Poisoning ☞ Normal Address: 0x75da78432sdf2486g4214dkt42h7le2g412e2a73 ☞ Hacked Address: 0x75d37fd7g64f369flkd4245gka024h48fd0h72a73

Because the wallet addresses are too long and complicated to memorize, you might often check only a part of the front and back addresses and recognize them as normal addresses when transferring crypto assets. In other words, when sending money by copying an old transaction address, you often check only a part of the address.

The address poising attack is a new type of attack taking advantage of this user behavior, and the following methods can be used to prevent this.

Always check the full address before remittance

Check the full address and check again if the address I want to transfer money to is correct.

If the address where the normal transaction was made is stored in the address book, proceed with the remittance using the address book.

Proceed with the remittance using the address in the address book that is continuously doing normal transactions. Of course, it is necessary to have a habit of checking the full text of the address once again.

Use “the safe remittance” function of Burrito Wallet.

In Burrito Wallet, you can simply transfer money to a validated address through your adding a friend or finding member ID on your friend list.

In addition, a remittance request message is automatically sent to the recipient during the remittance process, and the recipient will mutually confirm the remittance address and recipient through the process of accepting it.

3. Check Recipients and Insert the amount of tokens to send

6. Check the [Request to transfer,], [approve request], [complete] message

You can now tell with Burrito Wallet, we can reduce the risk of mistakes in transactions and avoid hackers' attacks such as address poisoning, right? 😎 Now, Bon voyage to safe WEB 3.0 journey ✈

☑️

For safe WEB 3.0 travel

BURRITO

Web3.0 Safety Guide

Address Poisoning Attack (Dec. 2022)

My wallet, my responsibility!

Be aware and prevent risk

Recent Security Issues