SlowMist Discovers New Crypto Scam Manipulating Ethereum Nodes
Summary:
SlowMist security researchers have uncovered a sophisticated cryptocurrency scam that manipulates Ethereum nodes for fraudulent purposes, primarily targeting offline transactions involving Tether (USDT). The scam lures victims into downloading a genuine-seeming imToken wallet and transferring a small sum of 1 USDT and Ether. The fraudster then tricks the victim into altering their URL to a manipulated node, creating a fictitious balance giving the illusion of deposited funds. SlowMist warns users about the dangers of such scams, urging vigilance and caution when transacting with untrustworthy RPC nodes.
The cybersecurity experts from SlowMist have unveiled a new type of cryptocurrency fraud using manipulated Ethereum nodes and their remote procedure call (RPC) interface. This scam particularly targets offline transactions, with the fraudster mostly favouring Tether (USDT) for payment. As per SlowMist reports, the swindle begins with the perpetrator persuading the victim to download an authentic imToken wallet and gains their confidence by transferring bait funds of 1 USDT and a small amount of Ether (ETH). The fraudster then guides the victim to alter their ETH RPC URL to a node under the fraudster's control, which they have modified with Tenderly’s fork feature. This modification creates a false USDT balance, tricking the user into believing the fraudster has deposited funds into their account. One case study of a victim’s wallet address reveals a small deposit of 1 USDT and 0.002 ETH from another account—an attempt to make the fraudulent funds appear genuine. Upon trying to transfer the supposed funds, the victims find themselves deceived and out of pocket, while the scammer has vanished. SlowMist warns users of the dangers associated with untrustworthy RPC nodes, emphasizing the need for increased vigilance during transactions.RPC, essential to the Ethereum blockchain, operates remotely, imitating local application execution. It integrates with nodes to provide balance information, initiate transactions or engage with smart contracts. SlowMist claims that using a custom JSON-RPC, provided by Tenderly, allows for account balance manipulation within Tenderly Forks and modification of contract details. For a specific balance, a user can use the code snippet “ether4s.utils.hexvalue(aBignumberish)” to format a large number value without leading zeros. A comparable scam spreading on Telegram enables a scammer to deplete a victim's cryptocurrency wallet without needing transaction confirmation, instead tricking the individual into signing a fraudulent message. A recent case involved Asia Express, accused of a $6 billion scam exploiting a legal gray area for Hong Kong Bitcoin ETFs in China.
Published At
4/26/2024 10:06:48 AM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.