By Coinbase security team
As part of our mission to build a secure and open financial system, we actively monitor not only Coinbase but the entire crypto ecosystem for any security threats. As we discussed in our previous blog post about industry-wide crypto security threats, malicious threats against any crypto user or business are bad for the industry. With this community mentality, we do our best to inform and protect our community from bad actors.
Last month, Coinbase Threat Intelligence, Special Investigations and Global Intelligence teams tracked ongoing phishing campaigns on Etherium, Polygon, Binance Smart Chain and other EVM-compatible platforms that unfortunately stole more than $ 15 million. So far in various crypto resources. Phishing campaigns do not affect customers who secure funds at Coinbase.com. However, anyone who uses self-custody wallets (such as Coinbase Wallet, Metamask, etc.) may be at risk.
The campaign airdrops fictitious coins in Victim Wallet and tempts to visit specially created malicious websites. The following is an example of such a currency:
When users try to interact with airdropped tokens, such as when they are transferred to a decentralized exchange (DEX), they are presented with an error message that encourages them to visit a malicious phishing website:
The website offers users a decentralized application (DApp) interface that is supposed to connect their wallets and allow trading of Airdrop tokens. However, when users approve a transaction on a phishing website, in reality they unknowingly allow their personal tokens to be transferred to scammers.
Scammers frequently change the name of airdrop tokens and phishing websites to avoid blocklists; However, they still use the same tactics to steal tokens using fake airdrops and malicious daps. However, you can take the following security measures to protect your assets:
- Beware of airdrop tokens obtained from an unknown source. Most likely these unsolicited tokens are part of a phishing campaign
- Do not view or attach self-custody wallets to any websites advertised with error messages, token names or tokens aired through other methods.
- Do not interact with airdropped tokens (such as authorization, transfer, swap, etc.). No matter how annoying it sounds, it’s best to keep them in your wallet
- Don’t keep high-value assets in the same wallet used to interact regularly with Dapps. Use cold storage or custodial solutions such as the freely available Coinbase Vault or Custody.
Coinbase is working with industry partners to help limit the damage caused by the scandal, and we plan to publish a more detailed analysis of the promotion in the near future.
Security PSA: The Airdrop Phishing Campaign was originally published on The Coinbase Blog on Medium, where people continue the conversation by highlighting the story and responding.