Recent record network activity on Ethereum can be linked to a wave of address poisoning attacks that have been taking advantage of low gas fees since December, security researcher Andrey Sergeenkov said.
On Friday, Cointelegraph reported that maintaining activity on the network had almost doubled to 8 million addresses in the month, while the daily number of transactions reached an all-time high of almost 2.9 million.
In the week of Jan. 12, 2.7 million fresh addresses appeared, 170% more than usual, and the daily number of transactions rose to more than 2.5 million, Sergeyenkov said.
However, Sergeyenkov he said the augment may be due to a type of massive spam attack known as “address poisoning,” which became more economical after a December upgrade to the Fusaka Ethereum network that lowered transaction fees.
Network charges dropped by more than 60% in the weeks following the update in early December.
“Address poisoning has become disproportionately attractive to attackers,” the researcher said, adding: “You can’t scale your infrastructure without first addressing user security!”
$740,000 lost to address poisoning attacks
Address poisoning is where fraudsters send tiny transactions from wallet addresses that look like legitimate ones, thereby tricking users into copying the wrong address when making a transaction.
Fraudsters first send tiny amounts of money, usually stablecoins, to the addresses of “dust distributors.”
Sergeyenkov said he was able to discover the likely addresses of dust distributors by checking the number of wallets that received less than a dollar in their first stablecoin transaction.
Related: Efforts to bulletproof Ethereum are paying off in user metrics
Then, to identify which of them were “dust distributor” addresses, he only checked those that had sent transactions to more than 10,000 addresses.
“These poison addresses then spread dust among millions of potential victims by creating false transaction history entries.”
Some of the top dust distributors have sent packages to more than 400,000 recipients and so far more than $740,000 has been stolen from 116 victims, he added.
Warehouse: Indians sharply criticize Pudgy Penguins, former digital yuan chief’s crypto scandal: Asia Express
