Hot Topic Ranking

Hot Score

Solana Options Block Trade Achieved

Large ETH, BTC orders

Grayscale is bullish on Bitcoin's prospects.

EU New Regulations Boost Euro Stablecoin Development

Bybit launches CGPT contracts

Buy Bitcoin on dips

Tether's foray into AI film

Morgan Stanley: March rate cut likely

## Stablecoin Issuers Face Sell-Off

Giant whales AAVE, UNI make a killing

U.S. Nonfarm Payrolls Rise More Than Expected

Whale buys 1 billion XRP

Quantum computers cannot crack Bitcoin.

U.S. Justice Department Accuses Russian National of Money Laundering

FDIC Vice Chair Backs Cryptocurrencies

Related Currencies

#User lost $460,000 in a simulated trading scam.#

Posts

Hot Topic Details

Hot Topic Overview

Ace Hot Topic Analysis

Public Sentiment · Discussion Word Cloud

Classic Views

Hot Topic Details

Hot Topic Overview

Overview

Recently, a user lost 143.45 ETH, approximately $460,800, due to a transaction simulation scam. The attacker exploited the delay between transaction simulation and execution in Web3 wallets. Through a phishing website, the attacker modified the on-chain state immediately after the user submitted the transaction, resulting in the user's actual transaction depleting their wallet assets. The attack process was as follows: the phishing website initiated a "Claim" ETH transfer request, the wallet simulated receiving a small amount of ETH, the backend modified the contract state, and ultimately the user's actual transaction depleted their wallet assets.

Ace Hot Topic Analysis

Analysis

Recently, a user lost 143.45 ETH, approximately $460,800, due to a transaction simulation scam. This incident exposes the potential security risks of transaction simulation features in Web3 wallets. Attackers exploited the delay between transaction simulation and execution by creating phishing websites to manipulate the on-chain state immediately after users submitted transactions. Specifically, attackers would initiate a "Claim" ETH transfer request, and the wallet would simulate receiving a small amount of ETH. However, the attackers would modify the contract state in the backend, resulting in the user's actual transaction depleting their wallet assets. This incident reminds users to carefully identify phishing websites and be aware of the difference between transaction simulation and actual execution when conducting Web3 transactions, avoiding losses caused by delays.

Related Currencies

Public Sentiment · Discussion Word Cloud

Public Sentiment

100%

Discussion Word Cloud

Classic Views

Transaction simulation functionality has a security vulnerability that allows attackers to manipulate the on-chain state with a delay, resulting in user financial losses.

Attackers can use phishing websites to trick users into making transactions, displaying a small amount of ETH during the transaction simulation stage, but actually draining the wallet's assets.

The transaction simulation feature of Web3 wallets is designed to improve transparency and user experience, but it poses security risks and requires enhanced security measures.

Users should be cautious when making Web3 transactions, carefully identifying phishing websites and paying attention to the difference between transaction simulation and actual execution.