Binance unveils algorithm to combat spoofing

What’s new? Security experts at Binance, the largest centralized crypto exchange (CEX), have developed an algorithm to protect against address poisoning/address spoofing fraud. In this method, also known as spoofing, scammers send small amounts of digital assets to potential victims’ wallets from addresses with similar characters. Such a transaction, like any other, is recorded in the transaction history, and the next time the victim may inadvertently copy the scammer’s address from the history and send him the funds.

Material by Cointelegraph

What else is known? Binance’s algorithm detects scammers by identifying suspicious transfers with near-zero value or unknown tokens, and matching sender addresses with those of potential victims. It then marks malicious transactions by time of execution to find a potential point of “poisoning.”

The scammers’ spoofing addresses are logged into Binance’s IS partner HashDit’s database, which can be used by other crypto projects to protect their users.

For example, many firms use the HashDit API to protect against various types of fraud, including the crypto wallet Trust Wallet, which notifies users when they are about to transfer funds to a spoofed address. The algorithm will also track fraudulent addresses in web browser extensions and MetaMask Snaps apps.

The exchange team said that the new algorithm has already helped detect over 13,4 million spoofing addresses on the BNB blockchain and over 1,68 million on the Ethereum blockchain.

The Binance algorithm was introduced shortly after a major incident involving this scheme. Thus, on May 3, an unknown trader lost $68 million in wBTC by sending it to a spoofing address. After 10 days, the fraudster returned the funds, probably fearing de-anonymization, as blockchain analysts were actively seeking to establish his identity.

This type of fraud is designed for inattention: most traders only check the first and last characters in the wallet address, which contains 42 characters. In addition, the interfaces of most platforms do not display addresses in their entirety without additional clicks.

In addition, scammers use vanity address generators to set some of the address characters themselves and make it look like the address of a potential victim or her counterparty.