Topics:
Wayne Jones considers the following as important: AA News, Hacking
Hayden Adams, the founder of Uniswap, took to social media to alert the crypto community about a new wave of scams targeting users through deceptive user interfaces (UIs) in crypto wallets.
Adams’ warning sheds light on how scammers are leveraging fake clones of Ethereum Name Service (ENS) domains to deceive users and potentially siphon funds.
How the Scam Works
In a post on X, Adams expressed his concern, stating, “first time I’ve seen this scam, so posting it as a heads up for users and interfaces.”
first time I’ve seen this scam, so posting it as a heads up for users and interfaces
someone bought the ens “[myEthereumAddress].eth”
so when you paste in my address, the top result in some UIs is an ens match instead of the resolved ENS name
impt for UIs to filter these out pic.twitter.com/0cQAL5tQ0T
— hayden.eth 🦄 (@haydenzadams) February 14, 2024
The scam involves a fraudster purchasing an ENS domain that closely resembles a legitimate Ethereum address, substituting alphabetic characters with alphanumeric sequences.
Subsequently, when unsuspecting users input the genuine Ethereum address into their crypto wallet UIs, these interfaces display the scammer’s address as the primary result instead of the intended recipient’s. This could lead users to send funds to the scammer’s address unknowingly.
He highlighted a specific instance where a bad actor purchased the ENS domain “[myEthereumAddress].eth,” which closely resembled his own Ethereum address, “0x11E4857Bb9993a50c685A79AFad4E6F65D518DDa.”
Adams stressed the importance of interfaces integrating filters to tackle these scams and advised users to proceed cautiously. He stated, “impt for UIs to filter these out.”
Following the post, Nick Johnson, the founder of ENS, expressed his view that interfaces should refrain from autocompleting names altogether, deeming it excessively risky. He noted that such a practice is discouraged in their user experience (UX) guidelines.
IMO, interfaces shouldn’t autocomplete names at all; it’s far too dangerous. I think we advise against it in our UX guidelines.
— nick.eth (@nicksdjohnson) February 14, 2024
ENS stands for Ethereum Name Service, a domain name system built on the Ethereum blockchain. It enables users to substitute intricate Ethereum addresses with more user-friendly and understandable names such as “myname.eth.”
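One way a wallet interface could apply the filtering Adams asks for, together with Johnson's advice against autocompleting names, shown as an added example that is not from the article or from any wallet's code base. The function names and the search-index results are hypothetical; the address is the one quoted above.

```javascript
// Added example: recipient-field handling for a wallet UI (hypothetical helper names).
const HEX_ADDRESS = /^0x[0-9a-f]{40}$/i;
// A label that is 40 hex chars, with or without "0x", imitates an address.
const ADDRESS_LIKE_LABEL = /^(0x)?[0-9a-f]{40}$/i;

function isHexAddress(input) {
  return HEX_ADDRESS.test(input.trim());
}

// True when any label of the name (e.g. "0x11E4...DDa" in "0x11E4...DDa.eth")
// reads as an Ethereum address. NFKC folds full-width digits/letters first.
function isAddressLikeName(name) {
  return name.normalize('NFKC').trim().split('.')
    .some((label) => ADDRESS_LIKE_LABEL.test(label));
}

// Decide what the recipient field may display.
//   input       - raw text typed or pasted by the user
//   nameMatches - ENS names the UI's search index returned for that text (assumed)
function classifyRecipient(input, nameMatches = []) {
  const text = input.trim();
  if (isHexAddress(text)) {
    // A pasted address is final: never offer name matches for it.
    return { kind: 'address', value: text, suggestions: [], dropped: nameMatches };
  }
  if (isAddressLikeName(text)) {
    // The typed name imitates an address: refuse it rather than resolve it.
    return { kind: 'rejected', value: text, suggestions: [], dropped: [text] };
  }
  const dropped = nameMatches.filter(isAddressLikeName);
  const suggestions = nameMatches.filter((n) => !isAddressLikeName(n));
  return { kind: 'name', value: text, suggestions, dropped };
}

// Constructed sample data, using the address quoted in the article.
const ADDRESS = '0x11E4857Bb9993a50c685A79AFad4E6F65D518DDa';
const INDEX_HITS = [`${ADDRESS}.eth`, 'hayden.eth'];

console.log(classifyRecipient(ADDRESS, INDEX_HITS));   // address, no suggestions
console.log(classifyRecipient('hayden', INDEX_HITS));  // lookalike name dropped
console.log(classifyRecipient(`${ADDRESS}.eth`));      // rejected
```

The `dropped` list is returned so the interface can log or warn about filtered names instead of discarding them silently.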
Scammers Exploit ENS Domains to Mimic Major Exchanges
In a related incident, scammers have previously used ENS domains to mimic major exchanges’ wallets, using a single address to register multiple ENS domains that closely resemble the hexadecimal form of highly active addresses. The scammer then added “.eth” at the end of these addresses.
For instance, the FTX address “0x2FAF487A4414Fe77e2327F0bf4AE2a264a776AD2” was mimicked as “0x2FAF487A4414Fe77e2327F0bf4AE2a264a776AD2.eth”.
The primary aim is to intercept payments directed to these mimicked addresses, exploiting the feature of many wallets supporting ENS domains as valid destinations for asset transfers. As a result, users risk unknowingly sending assets to these fake domains with a single misclick.