OKX WEB3: Classic Theft Cases Faced by Airdrop Hunters and How to Prevent Them
Author: OKX WEB3, WTF Academy
Translation: WuBlockchain

Classic Theft Cases Faced by Airdrop Hunters and How to Prevent Them

1. Fake accounts posting false airdrops. User A was browsing a popular project’s Twitter when they saw an airdrop announcement under the latest tweet. They clicked the announcement link to participate in the airdrop, which led to phishing. Currently, many phishers use fake official accounts to post false announcements under official tweets to lure users. Users should be cautious and discerning.

2. Official accounts being hijacked. The official Twitter and Discord accounts of a project were hacked. The hackers then posted a fake airdrop link on the project’s official accounts. Since the link was posted from official channels, User B did not doubt its authenticity and clicked the link to participate in the airdrop, only to be phished.

3. Malicious project teams. User C participated in a mining activity of a project, staking all their USDT assets in the project’s staking contract to earn higher rewards. However, the smart contract was neither rigorously audited nor open-sourced. The project team exploited a backdoor in the contract to steal all the assets User C had staked.

Common Security Risks in On-Chain Interactions

1. Airdrop Scams

Risk Overview: Some users frequently find a large number of unknown tokens in their wallet addresses. These tokens typically fail to trade on commonly used DEXs, prompting the user to visit the token’s official website for exchange. When users authorize transactions, they often grant permissions that allow the smart contract to transfer assets from their accounts, ultimately leading to asset theft.

For example, the Zape airdrop scam saw many users suddenly receive large amounts of Zape tokens in their wallets, appearing to be worth tens of thousands of dollars. This led many to mistakenly believe they had unexpectedly become wealthy. However, this was a carefully designed trap. Since these tokens could not be found on legitimate platforms, many eager to cash out searched for the token’s supposed “official website.” After connecting their wallets as prompted, users believed they could sell these tokens, but once authorized, all assets in their wallets were immediately stolen.

Preventive Measures: To avoid airdrop scams, users must remain highly vigilant, verify information sources, and always obtain airdrop information from official channels (such as the project’s official website, official social media accounts, and official announcements). Protect your private keys and seed phrases, avoid paying any fees, and use community resources and tools to identify potential scams.

2. Malicious Smart Contracts

Risk Overview: Many unaudited or non-open-source smart contracts may contain vulnerabilities or backdoors, failing to ensure the safety of user funds.

Preventive Measures: Users should primarily interact with smart contracts that have been strictly audited by reputable auditing companies or check the project’s security audit reports. Additionally, projects with bug bounty programs typically have higher security assurances.

3. Authorization Management

Risk Overview: Excessive authorization to interacted contracts can lead to asset theft. For example:
1) If the contract is an upgradeable contract and the private key of the privileged account is leaked, attackers can use the private key to upgrade the contract to a malicious version, thereby stealing assets from authorized users.
2) If the contract has yet-to-be-identified vulnerabilities, excessive authorization may enable attackers to exploit these vulnerabilities in the future to steal funds.

Preventive Measures: In principle, only grant necessary authorization limits to interacted contracts, and regularly check and revoke unnecessary authorizations. When performing off-chain permit authorization signatures, be clear about the target contract, asset type, and authorization amount before proceeding.

4. Phishing Authorization

Risk Overview: Clicking on malicious links and being tricked into authorizing malicious contracts or users.

Preventive Measures:
1) Avoid blind signing: Ensure you understand the content of the transaction you are about to sign and that every step is clear and necessary.
2) Be cautious with authorization targets: If the authorization target is an EOA (Externally Owned Account) or an unverified contract, exercise increased caution. Unverified contracts may contain malicious code.
3) Use anti-phishing wallet plugins: Use wallet plugins with anti-phishing protection, such as the OKX Web3 wallet, which can help identify and block malicious links.
4) Protect seed phrases and private keys: Any website asking for your seed phrase or private key is a phishing site. Never enter these sensitive details on any website or application.

5. Malicious Airdrop Scripts

Risk Overview: Running malicious airdrop scripts can lead to the installation of malware on your computer, resulting in the theft of private keys.

Preventive Measures: Be cautious when running unknown airdrop scripts or airdrop software.

Classic Phishing Scenarios

1. Fake Website Phishing: Imitating official DApp websites to trick users into entering their private keys or seed phrases. Users should adhere to the primary rule of never providing their wallet’s private key or seed phrase to anyone or any website. Additionally, they should verify the correctness of the URL and preferably use official bookmarks to access commonly used DApps. Using reputable mainstream wallets like the OKX Web3 wallet can also help, as these wallets will alert users to detected phishing websites.

2. Stealing Mainnet Tokens: Malicious contract functions are given misleading names such as Claim, SecurityUpdate, or AirDrop, but their actual function logic is empty and only transfers users’ mainnet tokens.

3. Similar Address Transfers: Scammers generate addresses whose first and last few characters match an address related to the user. They use transferFrom to perform zero-amount transfers or send fake USDT in certain amounts to pollute the user’s transaction history, hoping the user will copy the wrong address from the transaction history for subsequent transfers.

4. Impersonating Customer Support: Hackers impersonate customer support through social media or email, asking users to provide their private keys or seed phrases. Official customer support will never ask for private keys, so users should ignore such requests.

Security Precautions When Using Various Tools

1. Hardware Wallet Usage:
1.1 Regularly update the firmware and purchase through official channels.
1.2 Use it on a secure computer and avoid connecting it in public places.

2. Browser Plugin Usage:
2.1 Be cautious when using third-party plugins and tools; prefer reputable products such as the OKX Web3 wallet.
2.2 Avoid using wallet plugins on untrusted websites.

3. Transaction Analysis Tool Usage:
3.1 Use trustworthy platforms for transactions and contract interactions.
3.2 Carefully check the contract address and call methods to avoid misoperations.

4. Computer Device Usage:
4.1 Regularly update the computer system, update software, and patch security vulnerabilities.
4.2 Use reliable antivirus software and regularly scan the computer system for viruses.

How to More Safely Manage Multiple Wallets and Accounts

1. Diversify Risk:
1.1 Do not store all assets in one wallet; distribute storage to reduce risk. Choose different types of wallets according to the asset type and use case, such as hardware wallets, software wallets, cold wallets, and hot wallets.
1.2 Use multi-signature wallets to manage large amounts of assets for enhanced security.

2. Backup and Recovery:
2.1 Regularly back up seed phrases and private keys and store them in multiple secure locations.
2.2 Use hardware wallets for cold storage to prevent private key leakage.

3. Avoid Reusing Passwords: Set strong, unique passwords for each wallet and account to reduce the risk of multiple accounts being compromised if one password is cracked.

4. Enable Two-Factor Authentication (2FA): Enable 2FA for all accounts whenever possible to increase security.

5. Minimize Use of Automation Tools: Reduce the use of automation tools, especially those that may store your information in the cloud or on third-party servers, to minimize the risk of data breaches.

6. Limit Access Permissions: Only authorize trusted individuals to access your wallets and accounts, and limit their operational permissions.

7. Regularly Check Wallet Security: Use tools to monitor wallet transactions to ensure no abnormal transactions occur. If you find any wallet’s private key has been compromised, immediately replace all affected wallets.

Protection Recommendations Against Slippage and MEV Attacks

1. Set Slippage Tolerance: Due to the inherent delay in transactions being recorded on the blockchain and the potential for MEV attacks, users should set a reasonable slippage tolerance in advance to avoid transaction failures or financial losses caused by market fluctuations or MEV attacks.

2. Split Transactions: Avoid making large transactions in one go. Instead, conduct transactions in batches to reduce the impact on market prices and lower the risk of slippage.

3. Use High Liquidity Trading Pairs: When trading, choose trading pairs with ample liquidity to minimize slippage.

4. Use Front-Running Protection Tools: For significant transactions, avoid using the public mempool. Instead, use specialized front-running protection tools to prevent transactions from being captured by MEV bots.
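
How a slippage tolerance bounds the loss when the price moves between quote and execution, as an added example that is not part of the original article. It assumes a constant-product pool with a 0.3% fee (the article names no specific DEX), and all reserves and trade sizes are constructed.

```python
# Added example. Assumes a constant-product pool (x * y = k) with a 0.3% fee;
# the reserves and trade sizes are constructed, in whole token units.

def amount_out(amount_in, reserve_in, reserve_out, fee_bps=30):
    """Tokens received for amount_in, using integer math as on-chain pools do."""
    net_in = amount_in * (10_000 - fee_bps)
    return net_in * reserve_out // (reserve_in * 10_000 + net_in)

def min_out(quoted_out, tolerance_bps):
    """Lowest output the trader accepts; below it the swap must revert."""
    return quoted_out * (10_000 - tolerance_bps) // 10_000

def swap_after_price_move(amount_in, reserves, earlier_trade, tolerance_bps):
    """Quote against current reserves, then execute after another trade
    (constructed: same direction, lands first) has moved the price."""
    r_in, r_out = reserves
    quote = amount_out(amount_in, r_in, r_out)
    floor = min_out(quote, tolerance_bps)
    # The earlier trade changes the reserves this swap actually runs against.
    r_out -= amount_out(earlier_trade, r_in, r_out)
    r_in += earlier_trade
    realized = amount_out(amount_in, r_in, r_out)
    executed = realized >= floor
    return {"quote": quote, "floor": floor, "realized": realized,
            "executed": executed,
            "shortfall": quote - realized if executed else 0}

if __name__ == "__main__":
    deep, shallow = (1_000_000, 1_000_000), (100_000, 100_000)
    # Tight tolerance: the swap reverts instead of filling at a bad price.
    print(swap_after_price_move(10_000, deep, 50_000, tolerance_bps=50))
    # Loose tolerance: the swap fills and the trader absorbs the shortfall.
    print(swap_after_price_move(10_000, deep, 50_000, tolerance_bps=1_000))
    # Same order in a pool with a tenth of the liquidity: worse quote up front.
    print(amount_out(10_000, *deep), amount_out(10_000, *shallow))
```

The tolerance is a trade-off: too tight and ordinary market movement makes the swap fail, too loose and the floor no longer limits what the trader can lose.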

How to Protect On-Chain Privacy and Security

1. Multiple Wallet Management: Distribute assets across multiple wallets to reduce the risk of a single wallet being tracked or attacked.

2. Use Multi-Signature Wallets: Require multiple signatures to execute a transaction, enhancing security and privacy protection.

3. Cold Wallets: Store long-term assets in hardware wallets or offline storage to prevent online attacks.

4. Do Not Publicize Addresses: Avoid sharing your wallet address on social media or public platforms to prevent tracking by others.

5. Use Temporary Email Addresses: Use temporary email addresses when participating in airdrops or other activities to protect your personal information from being exposed.

If a Wallet Account is Stolen, What Should Users Do?

If a user discovers that their wallet has been stolen, the following urgent measures are recommended:

1. Emergency Response Measures
1.1 Immediate Fund Transfer: If there are still funds in the wallet, they should be immediately transferred to a secure new address.
1.2 Revoke Authorizations: Use management tools to revoke all authorizations immediately to prevent further losses.
1.3 Track Fund Movements: Quickly track the movement of stolen funds and document the details of the theft to seek external assistance.

2. Community and Project Support
2.1 Seek Help from Project and Community: Report the incident to the project team and the community. Sometimes the project team can freeze or recover stolen assets. For example, USDC has a blacklist mechanism that can block fund transfers.
2.2 Join Blockchain Security Organizations: Join relevant blockchain security organizations or groups to leverage collective power to address the issue.
2.3 Contact Wallet Customer Support: Promptly contact the wallet’s customer support team for professional help and guidance.

Enhancing Security with AI

1. Anomaly detection and intrusion detection: Utilize AI and machine learning models to analyze user behavior patterns and detect abnormal activities. For example, deep learning models can be used to analyze transaction behaviors and wallet activities to identify potential malicious actions or anomalies.

2. Phishing website identification: AI can detect and block phishing websites by analyzing web page content and link characteristics, protecting users from phishing attacks.

3. Malware detection: AI can detect new and unknown malware by analyzing the behavior and characteristics of files, preventing users from downloading and executing malicious programs.

4. Automated threat response: AI can automate response measures, such as automatically freezing accounts or taking other protective actions upon detecting abnormal activities.
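
The checks from "Authorization Management" and "Avoid blind signing" above, applied to the calldata a site asks a wallet to sign. This is an added example, not code from OKX or WuBlockchain. It covers on-chain `approve` and `setApprovalForAll` calls only, the addresses and amounts are constructed, and `verified_spenders` is a hypothetical user-maintained list.

```python
# Added example: review approval calldata before signing. The selectors are the
# standard ERC-20 / ERC-721 ones; every address and amount below is constructed.
MAX_UINT256 = 2**256 - 1
APPROVAL_SELECTORS = {
    "095ea7b3": "approve(address,uint256)",
    "a22cb465": "setApprovalForAll(address,bool)",
}

def decode_approval(calldata_hex):
    """Return function, spender and value, or None if this is not an approval."""
    data = calldata_hex.lower()
    data = data[2:] if data.startswith("0x") else data
    name = APPROVAL_SELECTORS.get(data[:8])
    if name is None or len(data) < 8 + 128:
        return None
    args = data[8:]  # two 32-byte words: padded address, then amount or bool
    return {"function": name, "spender": "0x" + args[24:64],
            "value": int(args[64:128], 16)}

def review_approval(calldata_hex, needed_amount, verified_spenders):
    """List reasons to stop and check. verified_spenders is the user's own
    lowercase list of audited contracts (an assumption of this example)."""
    call = decode_approval(calldata_hex)
    if call is None:
        return ["not an approval call"]
    if call["value"] == 0:
        return []  # approve(spender, 0) / setApprovalForAll(op, false) revokes
    findings = []
    if call["function"].startswith("setApprovalForAll"):
        findings.append("operator can move every token in the collection")
    elif call["value"] == MAX_UINT256:
        findings.append("unlimited allowance")
    elif call["value"] > needed_amount:
        findings.append("allowance exceeds the amount this action needs")
    if call["spender"] not in verified_spenders:
        findings.append("spender is not on your verified list")
    return findings

def encode(selector, spender, value):
    """Build sample calldata (selector + two 32-byte words) for the demo."""
    return "0x" + selector + spender[2:].rjust(64, "0") + format(value, "064x")

ROUTER = "0x" + "11" * 20   # constructed: a contract the user has verified
UNKNOWN = "0x" + "ee" * 20  # constructed: spender the user has never checked

if __name__ == "__main__":
    print(review_approval(encode("095ea7b3", UNKNOWN, MAX_UINT256), 500, {ROUTER}))
    print(review_approval(encode("095ea7b3", ROUTER, 500), 500, {ROUTER}))
```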
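
A detection sketch for the "Similar Address Transfers" scenario above: it flags history entries whose counterparty shares the visible ends of a saved address, and refuses a pasted recipient that is only a lookalike. This is an added example, not part of the original article; every address, token contract and transfer in it is constructed, and the four-character match window is an assumption.

```python
# Added example: flag "similar address" entries in a wallet's transfer history.
# Every address, token contract and transfer below is constructed.
SAVED = "0x1a2b" + "c3" * 16 + "9f8e"      # address the user really pays
LOOKALIKE = "0x1a2b" + "7d" * 16 + "9f8e"  # same first/last 4 hex characters
OTHER = "0x" + "5e" * 20
USDT = "0x" + "aa" * 20                    # token contract the user trusts
FAKE_USDT = "0x" + "bb" * 20               # unrelated contract reusing the name

def imitates(candidate, known, head=4, tail=4):
    """True when candidate differs from known but shares its visible ends."""
    c, k = candidate.lower()[2:], known.lower()[2:]
    return c != k and c[:head] == k[:head] and c[-tail:] == k[-tail:]

def flag_poisoning(history, address_book, trusted_tokens):
    """Return (tx id, reasons) for history entries that imitate a saved address."""
    alerts = []
    for tx in history:
        twins = [a for a in address_book if imitates(tx["counterparty"], a)]
        if not twins:
            continue
        reasons = ["imitates saved address " + twins[0]]
        if tx["amount"] == 0:
            reasons.append("zero-amount transfer")
        if tx["token"] not in trusted_tokens:
            reasons.append("token contract not trusted")
        alerts.append((tx["id"], reasons))
    return alerts

def check_recipient(pasted, address_book):
    """Gate a transfer: exact address-book match passes, a lookalike is refused."""
    if pasted.lower() in {a.lower() for a in address_book}:
        return "ok"
    if any(imitates(pasted, a) for a in address_book):
        return "refuse: lookalike of a saved address"
    return "unknown: verify every character out of band"

HISTORY = [
    {"id": "tx1", "counterparty": SAVED, "token": USDT, "amount": 250},
    {"id": "tx2", "counterparty": LOOKALIKE, "token": USDT, "amount": 0},
    {"id": "tx3", "counterparty": LOOKALIKE, "token": FAKE_USDT, "amount": 250},
    {"id": "tx4", "counterparty": OTHER, "token": USDT, "amount": 40},
]

if __name__ == "__main__":
    for alert in flag_poisoning(HISTORY, [SAVED], {USDT}):
        print(alert)
    print(check_recipient(LOOKALIKE, [SAVED]))
```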