OKX WEB3: Classic Theft Cases Faced by Airdrop Hunters and How to Prevent Them
Author: OKX WEB3, WTF Academy
Translation: WuBlockchain

Classic Theft Cases Faced by Airdrop Hunters and How to Prevent Them

1. Fake accounts posting false airdrops. User A was browsing a popular project’s Twitter when they saw an airdrop announcement under the latest tweet. They clicked the announcement link to participate in the airdrop and were phished. Currently, many phishers use fake official accounts to post false announcements under official tweets to lure users. Users should be cautious and discerning.

2. Official accounts being hijacked. The official Twitter and Discord accounts of a project were hacked. The hackers then posted a fake airdrop link on the project’s official accounts. Since the link was posted from official channels, User B did not doubt its authenticity and clicked the link to participate in the airdrop, only to be phished.

3. Malicious project teams. User C participated in a mining activity of a project, staking all their USDT assets in the project’s staking contract to earn higher rewards. However, the smart contract was neither rigorously audited nor open-sourced. The project team exploited a backdoor in the contract to steal all the assets User C had staked.

Common Security Risks in On-Chain Interactions

1. Airdrop Scams

Risk Overview: Some users frequently find a large number of unknown tokens in their wallet addresses. These tokens typically fail to trade on commonly used DEXs, prompting the user to visit the token’s official website for exchange. When users authorize transactions, they often grant permissions that allow the smart contract to transfer assets from their accounts, ultimately leading to asset theft.

For example, in the Zape airdrop scam many users suddenly received large amounts of Zape tokens in their wallets, appearing to be worth tens of thousands of dollars. This led many to mistakenly believe they had unexpectedly become wealthy. However, this was a carefully designed trap.
Since these tokens could not be found on legitimate platforms, many users eager to cash out searched for the token’s supposed “official website.” After connecting their wallets as prompted, users believed they could sell these tokens, but once they authorized, all assets in their wallets were immediately stolen.

Preventive Measures: To avoid airdrop scams, users must remain highly vigilant, verify information sources, and always obtain airdrop information from official channels (such as the project’s official website, official social media accounts, and official announcements). Protect your private keys and seed phrases, avoid paying any fees, and use community resources and tools to identify potential scams.

2. Malicious Smart Contracts

Risk Overview: Many unaudited or non-open-source smart contracts may contain vulnerabilities or backdoors, failing to ensure the safety of user funds.

Preventive Measures: Users should primarily interact with smart contracts that have been strictly audited by reputable auditing companies, or check the project’s security audit reports. Additionally, projects with bug bounty programs typically have higher security assurances.

3. Authorization Management

Risk Overview: Granting excessive authorization to the contracts you interact with can lead to asset theft. For example:
1) If the contract is upgradeable and the private key of the privileged account is leaked, attackers can use the private key to upgrade the contract to a malicious version, thereby stealing assets from authorized users.
2) If the contract has yet-to-be-identified vulnerabilities, excessive authorization may enable attackers to exploit these vulnerabilities in the future to steal funds.

Preventive Measures: In principle, grant the contracts you interact with only the authorization limits they need, and regularly check and revoke unnecessary authorizations.
When performing off-chain permit authorization signatures, be clear about the target contract, asset type, and authorization amount before proceeding.

4. Phishing Authorization

Risk Overview: Clicking on malicious links and being tricked into authorizing malicious contracts or users.

Preventive Measures:
1) Avoid blind signing: Ensure you understand the content of the transaction you are about to sign and that every step is clear and necessary.
2) Be cautious with authorization targets: If the authorization target is an EOA (Externally Owned Account) or an unverified contract, exercise increased caution. Unverified contracts may contain malicious code.
3) Use anti-phishing wallet plugins: Use wallet plugins with anti-phishing protection, such as the OKX Web3 wallet, which can help identify and block malicious links.
4) Protect seed phrases and private keys: Any website asking for your seed phrase or private key is a phishing site. Never enter these sensitive details on any website or application.

5. Malicious Airdrop Scripts

Risk Overview: Running malicious airdrop scripts can lead to the installation of malware on your computer, resulting in the theft of private keys.

Preventive Measures: Be cautious when running unknown airdrop scripts or airdrop software.

Classic Phishing Scenarios

1. Fake Website Phishing: Imitating official DApp websites to trick users into entering their private keys or seed phrases. Users should adhere to the primary rule of never providing their wallet’s private key or seed phrase to anyone or any website. Additionally, they should verify the correctness of the URL and preferably use official bookmarks to access commonly used DApps. Using reputable mainstream wallets like the OKX Web3 wallet can also help, as these wallets will alert users to detected phishing websites.

2. Stealing Mainnet Tokens: Malicious contracts expose functions with misleading names such as Claim, SecurityUpdate, or AirDrop; the actual function logic is empty and only transfers the user’s mainnet tokens.

3. Similar Address Transfers: Scammers generate addresses whose first and last few characters match an address related to the user. They use transferFrom to perform 0 amount transfers or send fake USDT in certain amounts to pollute the user’s transaction history, hoping the user will copy the wrong address from the transaction history for subsequent transfers.

4. Impersonating Customer Support: Hackers impersonate customer support through social media or email, asking users to provide their private keys or seed phrases. Official customer support will never ask for private keys, so users should ignore such requests.

Security Precautions When Using Various Tools

1. Hardware Wallet Usage:
1.1 Regularly update the firmware and purchase through official channels.
1.2 Use it on a secure computer and avoid connecting it in public places.

2. Browser Plugin Usage:
2.1 Be cautious when using third-party plugins and tools; prefer reputable products such as the OKX Web3 wallet.
2.2 Avoid using wallet plugins on untrusted websites.

3. Transaction Analysis Tool Usage:
3.1 Use trustworthy platforms for transactions and contract interactions.
3.2 Carefully check the contract address and call methods to avoid misoperations.

4. Computer Device Usage:
4.1 Regularly update the computer system, update software, and patch security vulnerabilities.
4.2 Use reliable antivirus software and regularly scan the computer system for viruses.

How to More Safely Manage Multiple Wallets and Accounts

1. Diversify Risk:
1.1 Do not store all assets in one wallet; distribute storage to reduce risk. Choose different types of wallets according to the asset type and use case, such as hardware wallets, software wallets, cold wallets, and hot wallets.
1.2 Use multi-signature wallets to manage large amounts of assets for enhanced security.

2. Backup and Recovery:
2.1 Regularly back up seed phrases and private keys and store them in multiple secure locations.
2.2 Use hardware wallets for cold storage to prevent private key leakage.

3. Avoid Reusing Passwords: Set strong, unique passwords for each wallet and account to reduce the risk of multiple accounts being compromised if one password is cracked.

4. Enable Two-Factor Authentication (2FA): Enable 2FA for all accounts whenever possible to increase security.

5. Minimize Use of Automation Tools: Reduce the use of automation tools, especially those that may store your information in the cloud or on third-party servers, to minimize the risk of data breaches.

6. Limit Access Permissions: Only authorize trusted individuals to access your wallets and accounts, and limit their operational permissions.

7. Regularly Check Wallet Security: Use tools to monitor wallet transactions to ensure no abnormal transactions occur. If you find any wallet’s private key has been compromised, immediately replace all affected wallets.

Protection Recommendations Against Slippage and MEV Attacks

1. Set Slippage Tolerance: Due to the inherent delay in transactions being recorded on the blockchain and the potential for MEV attacks, users should set a reasonable slippage tolerance in advance to avoid transaction failures or financial losses caused by market fluctuations or MEV attacks.

2. Split Transactions: Avoid making large transactions in one go. Instead, conduct transactions in batches to reduce the impact on market prices and lower the risk of slippage.

3. Use High Liquidity Trading Pairs: When trading, choose trading pairs with ample liquidity to minimize slippage.

4. Use Front-Running Protection Tools: For significant transactions, avoid using the public mempool. Instead, use specialized front-running protection tools to prevent transactions from being captured by MEV bots.

How to Protect On-Chain Privacy and Security

1. Multiple Wallet Management: Distribute assets across multiple wallets to reduce the risk of a single wallet being tracked or attacked.

2. Use Multi-Signature Wallets: Require multiple signatures to execute a transaction, enhancing security and privacy protection.

3. Cold Wallets: Store long-term assets in hardware wallets or offline storage to prevent online attacks.

4. Do Not Publicize Addresses: Avoid sharing your wallet address on social media or public platforms to prevent tracking by others.

5. Use Temporary Email Addresses: Use temporary email addresses when participating in airdrops or other activities to protect your personal information from being exposed.

If a Wallet Account is Stolen, What Should Users Do?

If a user discovers that their wallet has been stolen, the following urgent measures are recommended:

1. Emergency Response Measures
1.1 Immediate Fund Transfer: If there are still funds in the wallet, they should be immediately transferred to a secure new address.
1.2 Revoke Authorizations: Use management tools to revoke all authorizations immediately to prevent further losses.
1.3 Track Fund Movements: Quickly track the movement of stolen funds and document the details of the theft to seek external assistance.

2. Community and Project Support
2.1 Seek Help from Project and Community: Report the incident to the project team and the community. Sometimes the project team can freeze or recover stolen assets. For example, USDC has a blacklist mechanism that can block fund transfers.
2.2 Join Blockchain Security Organizations: Join relevant blockchain security organizations or groups to leverage collective power to address the issue.
2.3 Contact Wallet Customer Support: Promptly contact the wallet’s customer support team for professional help and guidance.

Enhancing Security with AI

1. Anomaly Detection and Intrusion Detection: Utilize AI and machine learning models to analyze user behavior patterns and detect abnormal activities. For example, deep learning models can be used to analyze transaction behaviors and wallet activities to identify potential malicious actions or anomalies.

2. Phishing Website Identification: AI can detect and block phishing websites by analyzing web page content and link characteristics, protecting users from phishing attacks.

3. Malware Detection: AI can detect new and unknown malware by analyzing the behavior and characteristics of files, preventing users from downloading and executing malicious programs.

4. Automated Threat Response: AI can automate response measures, such as automatically freezing accounts or taking other protective actions upon detecting abnormal activities.
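
The "Authorization Management" and "Avoid blind signing" advice above comes down to reading what an approval call grants before signing it. The following is an added example, not code from OKX or WuBlockchain: it decodes the calldata of the standard on-chain approval functions and reports the spender, the amount, and the warnings the article names. The `spenderVerified` and `intendedAmount` inputs and the sample calldata are assumptions constructed for illustration; off-chain permit signatures are not covered.

```javascript
// Standard 4-byte selectors of the on-chain approval functions.
const APPROVAL_SELECTORS = {
  "095ea7b3": "approve(address,uint256)",
  "39509351": "increaseAllowance(address,uint256)",
  "a22cb465": "setApprovalForAll(address,bool)",
};
const MAX_UINT256 = (1n << 256n) - 1n;

// Constructed sample: approve(0x1111...1111, 2^256 - 1).
const SAMPLE_UNLIMITED =
  "0x095ea7b3" + "0".repeat(24) + "11".repeat(20) + "f".repeat(64);

// intendedAmount: base units the action really needs (hypothetical input).
// spenderVerified: result of the caller's own check that the spender is a
// verified contract rather than an EOA (hypothetical input; needs chain data).
function describeApproval(calldata, { intendedAmount = null, spenderVerified = false } = {}) {
  const hex = calldata.toLowerCase().replace(/^0x/, "");
  const signature = APPROVAL_SELECTORS[hex.slice(0, 8)];
  if (!signature) return { isApproval: false, warnings: [] };
  if (hex.length < 8 + 128) throw new Error("calldata too short for two arguments");

  // Each argument is one 32-byte word; an address sits in the low 20 bytes.
  const spender = "0x" + hex.slice(8 + 24, 8 + 64);
  const value = BigInt("0x" + hex.slice(8 + 64, 8 + 128));
  const warnings = [];

  if (signature.startsWith("setApprovalForAll")) {
    if (value !== 0n) warnings.push("operator rights over every token in the collection");
  } else if (value === MAX_UINT256) {
    warnings.push("unlimited allowance");
  } else if (intendedAmount !== null && value > intendedAmount) {
    warnings.push("allowance exceeds the amount this action needs");
  }
  if (value !== 0n && !spenderVerified) {
    warnings.push("spender is an EOA or unverified contract");
  }
  return { isApproval: true, signature, spender, value, revokes: value === 0n, warnings };
}

console.log(describeApproval(SAMPLE_UNLIMITED));
```

A call with amount 0 is a revocation and is reported with `revokes: true` and no warnings.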
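
The "Similar Address Transfers" scenario and the advice to monitor wallet transactions can be checked mechanically. The following is an added example, not code from OKX or WuBlockchain: it scans a transfer history for counterparties that imitate a known address at both ends, and checks a destination before sending. All addresses, token contracts, and transactions are constructed placeholders, and the four-character comparison window is an assumption.

```javascript
const EDGE = 4; // assumption: users compare the first/last 4 hex characters by eye
const norm = (a) => a.toLowerCase().replace(/^0x/, "");

// Constructed sample data (placeholders, not real addresses).
const ME = "0x" + "5".repeat(40);
const EXCHANGE = "0xa1b2" + "c".repeat(32) + "9f3e";   // address the user really uses
const LOOKALIKE = "0xa1b2" + "d".repeat(32) + "9f3e";  // same ends, different middle
const USDT_PLACEHOLDER = "0x" + "7".repeat(40);        // stands in for the real token
const FAKE_TOKEN = "0x" + "8".repeat(40);
const HISTORY = [
  { hash: "tx-1", from: ME, to: EXCHANGE, token: USDT_PLACEHOLDER, value: "25000000" },
  { hash: "tx-2", from: ME, to: LOOKALIKE, token: USDT_PLACEHOLDER, value: "0" },
  { hash: "tx-3", from: LOOKALIKE, to: ME, token: FAKE_TOKEN, value: "25000000" },
];

// Returns the known address that `candidate` imitates, or null.
function lookalikeOf(candidate, known) {
  const c = norm(candidate);
  for (const k of known) {
    const a = norm(k);
    if (a !== c && a.slice(0, EDGE) === c.slice(0, EDGE) && a.slice(-EDGE) === c.slice(-EDGE)) return k;
  }
  return null;
}

// Flags history entries whose counterparty imitates a known address.
function flagPoisoning(history, me, known, trustedTokens) {
  const trusted = new Set(trustedTokens.map(norm));
  const findings = [];
  for (const tx of history) {
    const other = norm(tx.from) === norm(me) ? tx.to : tx.from;
    const imitated = lookalikeOf(other, known);
    if (!imitated) continue;
    const reasons = [`imitates ${imitated}`];
    if (BigInt(tx.value) === 0n) reasons.push("zero-value transfer");
    if (!trusted.has(norm(tx.token))) reasons.push("token contract not on trusted list");
    findings.push({ hash: tx.hash, address: other, reasons });
  }
  return findings;
}

// Pre-send check for an address copied from the transaction history.
function checkDestination(dest, known) {
  if (known.some((k) => norm(k) === norm(dest))) return { status: "known" };
  const imitated = lookalikeOf(dest, known);
  return imitated ? { status: "lookalike", imitated } : { status: "unknown" };
}

console.log(flagPoisoning(HISTORY, ME, [EXCHANGE], [USDT_PLACEHOLDER]));
```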