Hot Topic Ranking

Hot Score

Large ETH, BTC orders appear

Grayscale is bullish on Bitcoin's prospects.

EU New Regulations Boost Euro Stablecoin Development

Bybit launches CGPT contracts

Buy Bitcoin on dips

Coinbase Receives Subpoena

Tether's foray into AI film

Morgan Stanley: March rate cut likely

## Stablecoin Issuers Face Sell-Off

Giant whales AAVE, UNI make a killing

U.S. Nonfarm Payrolls Rise More Than Expected

Whale buys 1 billion XRP

Quantum computers cannot crack Bitcoin.

U.S. Justice Department Accuses Russian National of Money Laundering

FDIC Vice Chair Backs Cryptocurrencies

Related Currencies

#User lost $460,000 in a simulated trading scam.#

Posts

Hot Topic Details

Hot Topic Overview

Ace Hot Topic Analysis

Public Sentiment · Discussion Word Cloud

Classic Views

Hot Topic Details

Hot Topic Overview

Overview

Recently, a user lost 143.45 ETH (approximately $460,800) due to a transaction simulation scam. The attacker exploited the delay between transaction simulation and execution in Web3 wallets by creating a phishing website. After the user submitted a transaction, the attacker immediately tampered with the on-chain state. The attack process involved the phishing website initiating a "Claim" ETH transfer request. The wallet simulated receiving a small amount of ETH, but the backend modified the contract state, resulting in the actual transaction draining the user's wallet assets. This incident serves as a reminder for users to exercise extreme caution when using Web3 wallets, avoid clicking on suspicious links, and be aware of the difference between transaction simulation and actual execution.

Ace Hot Topic Analysis

Analysis

Recently, a user lost 143.45 ETH, approximately $460,800, due to a transaction simulation scam. The attacker exploited the delay between the transaction simulation feature in Web3 wallets and actual execution, creating a phishing website to manipulate the on-chain state after the user submitted the transaction. Specifically, the phishing website initiated a "Claim" ETH transfer request, and the wallet simulated receiving a small amount of ETH. However, the attacker modified the contract state in the backend, resulting in the actual transaction draining the user's wallet assets. This incident serves as a reminder for users to be cautious when identifying phishing websites and to be aware of the potential risks associated with transaction simulation features. Do not blindly trust the simulation results, especially for transactions involving large sums of money. It is crucial to carefully verify transaction information to avoid losses.

Related Currencies

Public Sentiment · Discussion Word Cloud

Public Sentiment

100%

Discussion Word Cloud

Classic Views

Transaction simulation functionality has a security vulnerability.

Attackers can exploit the delay to tamper with the on-chain state.

Attackers can use phishing websites to trick users into making transactions.

And then use the delay in the transaction simulation functionality to commit fraud.

Users should be cautious when using transaction simulation.

Avoid clicking suspicious links or making unknown transactions.

Web3 wallets should strengthen security measures to prevent the malicious use of transaction simulation functionality.