Binance pioneers innovative solution to combat poisoning scams following $68M exploit.

Binance’s team of security experts has devised a solution to combat the increasing prevalence of address poisoning scams that deceive investors into sending funds to fraudulent addresses. The world’s largest cryptocurrency exchange has developed an algorithm that can identify millions of poisoned crypto addresses. Address poisoning, also known as address spoofing, involves scammers sending a small amount of digital assets to a wallet that closely resembles the victim’s address, with the intention of tricking them into sending funds to the fraudulent address. Binance’s algorithm detects spoofed addresses by analyzing suspicious transfers, such as those with negligible value or unknown tokens, and matching them with potential victim addresses. The malicious transactions are then timestamped to determine the point of poisoning. The spoofed addresses are logged in the database of HashDit, a Web3 security firm that is Binance’s security partner. This collaboration aims to protect the wider cryptocurrency industry from address poisoning scams. Additionally, the algorithm will help identify spoofed addresses on HashDit’s user-facing products, web browser extensions, and MetaMask Snaps. The need for a preventive algorithm became evident after an unknown trader fell victim to an address-poisoning scam and lost $68 million worth of Wrapped Bitcoin (wBTC). However, the thief returned the funds after their potential Hong Kong-based IP addresses were exposed. Address poisoning scams may appear to be easily avoidable, but many traders only verify the first and last digits of a wallet’s alphanumeric characters, as most protocols only display those digits. Furthermore, scammers exploit vanity address generators to customize their addresses and make them appear less random or more similar to a specific address.