Vote for Cryptopolitan on Binance Square Creator Awards 2024. Click here to support our content!

Sleepdropping scam costs Ethereum users $11.5 million

Media pressure forces Bank of America to refund scam victim The inside storyMedia pressure forces Bank of America to refund scam victim The inside story
367611

Contents

Share link:

In this post:

  • Cybersecurity firms Forta Network and Blockfence reveal a sleepdropping scam costing Ethereum users $11.5 million since December 2022.
  • Fraudulent ERC-1155 tokens, disguised as legitimate NFTs, serve as the primary tool for the scam, impacting over 500,000 addresses.
  • Scammers employ a fake Lido NFT token as bait, leading victims into secondary interactions where the actual financial harm occurs.

Cybersecurity firms Forta Network and Blockfence have disclosed how a sophisticated scam, coined “sleepdropping,” has cost Ethereum users $11.5 million since its first detection in December 2022. The insidious operation centers on ERC-1155 tokens, often disguised as legitimate NFTs. Alarmingly, these fraudulent airdrops have reached over 500,000 addresses. The tactics deployed by the scammers expose the Achilles’ heel of smart contracts, even as they continue to gain mainstream acceptance.

A critical facet of this scam is the fraudulent website that deceives users into engaging in risky financial transactions. On the surface, these websites are legitimate platforms. However, once users engage with these sites, their funds end up in the pockets of unknown fraudsters. Over 20,000 users have already fallen prey to this intricate scam.

Interestingly, the scammers have even replicated a genuine Lido NFT token as a “badge” for a supposed airdrop, extending the web of deceit. While the NFT itself poses no direct risk to the user’s financial assets, the real danger lies in the secondary interactions it encourages. Users who believe the airdrop is genuine may claim harmful tokens on phishing sites. The scam transforms a harmless token into a lure that pulls users into a financial trap.

Read Also  Ethereum's Dencun upgrade slashes layer 2 transaction fees

What complicates the matter further is the seemingly authentic nature of the smart contracts used to disseminate these tokens. In some instances, these contracts mimicked legitimate airdrops from reputable sources, such as those that rewarded early Lido stakers in 2021. According to Forta Network, an observant user might even see the tokens coming from a legitimate source, highlighting the depths these scammers are willing to feign authenticity.

The research conducted by Forta and Blockfence has identified more than a hundred unique smart contracts connected to this scam. These contracts share similar deployment characteristics, providing clues to the scam’s modus operandi. The scam unfolds in three main stages, which are as follows: fraudulent airdrop operations, deceptive websites, and malicious contracts that ultimately siphon off users’ funds.

From Zero to Web3 Pro: Your 90-Day Career Launch Plan

Share link:

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decision.

Editor's choice

Loading Editor's Choice articles...

Stay on top of crypto news, get daily updates in your inbox

Most read

Loading Most Read articles...
Subscribe to CryptoPolitan