Dissecting Payload-based Transaction Phishing on Ethereum
- URL: http://arxiv.org/abs/2409.02386v1
- Date: Wed, 4 Sep 2024 02:26:59 GMT
- Title: Dissecting Payload-based Transaction Phishing on Ethereum
- Authors: Zhuo Chen, Yufeng Hu, Bowen He, Dong Luo, Lei Wu, Yajin Zhou,
- Abstract summary: payload-based transaction phishing (PTXPHISH) manipulates smart contract interactions through the execution of malicious payloads to deceive users.
PTXPHISH has rapidly emerged as a significant threat, leading to incidents that caused losses exceeding $70 million in 2023 reports.
We establish the first ground-truth PTXPHISH dataset, consisting of 5,000 phishing transactions.
We propose a rule-based multi-dimensional detection approach to identify PTXPHISH, achieving over 99% accuracy in the ground-truth dataset.
- Score: 13.398858969125495
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: In recent years, a more advanced form of phishing has arisen on Ethereum, surpassing early-stage, simple transaction phishing. This new form, which we refer to as payload-based transaction phishing (PTXPHISH), manipulates smart contract interactions through the execution of malicious payloads to deceive users. PTXPHISH has rapidly emerged as a significant threat, leading to incidents that caused losses exceeding \$70 million in 2023 reports. Despite its substantial impact, no previous studies have systematically explored PTXPHISH In this paper, we present the first comprehensive study of the PTXPHISH on Ethereum. Firstly, we conduct a long-term data collection and put considerable effort into establishing the first ground-truth PTXPHISH dataset, consisting of 5,000 phishing transactions. Based on the dataset, we dissect PTXPHISH, categorizing phishing tactics into four primary categories and eleven sub-categories. Secondly, we propose a rule-based multi-dimensional detection approach to identify PTXPHISH, achieving over 99% accuracy in the ground-truth dataset. Finally, we conducted a large-scale detection spanning 300 days and discovered a total of 130,637 phishing transactions on Ethereum, resulting in losses exceeding $341.9 million. Our in-depth analysis of these phishing transactions yielded valuable and insightful findings. Furthermore, our work has made significant contributions to mitigating real-world threats. We have reported 1,726 phishing addresses to the community, accounting for 42.7% of total community contributions during the same period. Additionally, we have sent 2,539 on-chain alert messages, assisting 1,980 victims. This research serves as a valuable reference in combating the emerging PTXPHISH and safeguarding users' assets.
Related papers
- Vulnerability Scanners for Ethereum Smart Contracts: A Large-Scale Study [44.25093111430751]
In 2023 alone, such vulnerabilities led to substantial financial losses exceeding a billion of US dollars.
Various tools have been developed to detect and mitigate vulnerabilities in smart contracts.
This study investigates the gap between the effectiveness of existing security scanners and the vulnerabilities that still persist in practice.
arXiv Detail & Related papers (2023-12-27T11:26:26Z) - FRAD: Front-Running Attacks Detection on Ethereum using Ternary
Classification Model [3.929929061618338]
Front-running attacks, a unique form of security threat, pose significant challenges to the integrity of blockchain transactions.
In these attack scenarios, malicious actors monitor other users' transaction activities, then strategically submit their own transactions with higher fees.
We introduce a novel detection method named FRAD (Front-Running Attacks Detection on using Ternary Classification Model)
Our experimental validation reveals that the Multilayer Perceptron (MLP) classifier offers the best performance in detecting front-running attacks, achieving an impressive accuracy rate of 84.59% and F1-score of 84.60%.
arXiv Detail & Related papers (2023-11-24T14:42:29Z) - With Trail to Follow: Measurements of Real-world Non-fungible Token Phishing Attacks on Ethereum [4.297180143942048]
There has been growing anecdotal evidence that new means of NFT phishing attacks have emerged in ecosystem.
Most of the existing research focus on detecting phishing scam accounts for native cryptocurrency on the blockchain.
There is a lack of research in the area of phishing attacks of emerging NFTs.
arXiv Detail & Related papers (2023-07-04T09:18:59Z) - Blockchain Large Language Models [65.7726590159576]
This paper presents a dynamic, real-time approach to detecting anomalous blockchain transactions.
The proposed tool, BlockGPT, generates tracing representations of blockchain activity and trains from scratch a large language model to act as a real-time Intrusion Detection System.
arXiv Detail & Related papers (2023-04-25T11:56:18Z) - Wild Face Anti-Spoofing Challenge 2023: Benchmark and Results [73.98594459933008]
Face anti-spoofing (FAS) is an essential mechanism for safeguarding the integrity of automated face recognition systems.
This limitation can be attributed to the scarcity and lack of diversity in publicly available FAS datasets.
We introduce the Wild Face Anti-Spoofing dataset, a large-scale, diverse FAS dataset collected in unconstrained settings.
arXiv Detail & Related papers (2023-04-12T10:29:42Z) - BERT4ETH: A Pre-trained Transformer for Ethereum Fraud Detection [29.518411879700263]
BERT4ETH is a pre-trained Transformer account representation extractor for detecting various fraud behaviors.
BERT4ETH features the superior modeling capability of Transformer to capture the dynamic sequential patterns inherent in transactions.
Our empirical evaluation demonstrates that BERT4ETH outperforms state-of-the-art methods with significant enhancements in terms of the phishing account detection and de-anonymization tasks.
arXiv Detail & Related papers (2023-03-29T20:30:52Z) - A Game of NFTs: Characterizing NFT Wash Trading in the Ethereum Blockchain [53.8917088220974]
The Non-Fungible Token (NFT) market experienced explosive growth in 2021, with a monthly trade volume reaching $6 billion in January 2022.
Concerns have emerged about possible wash trading, a form of market manipulation in which one party repeatedly trades an NFT to inflate its volume artificially.
We find that wash trading affects 5.66% of all NFT collections, with a total artificial volume of $3,406,110,774.
arXiv Detail & Related papers (2022-12-02T15:03:35Z) - TTAGN: Temporal Transaction Aggregation Graph Network for Ethereum
Phishing Scams Detection [11.20384152151594]
Existing phishing scams detection technology mostly uses machine learning or network representation learning to mine the key information from the transaction network to identify phishing addresses.
We propose a Temporal Transaction Aggregation Graph Network (TTAGN) to enhance phishing detection performance.
Our TTAGN (92.8% AUC, and 81.6% F1score) outperforms the state-of-the-art methods, and the effectiveness of temporal edges representation and edge2node module is also demonstrated.
arXiv Detail & Related papers (2022-04-28T12:17:00Z) - Self-supervised Incremental Deep Graph Learning for Ethereum Phishing
Scam Detection [15.350215512903361]
Graph neural network (GNN) has shown promising performance in various node classification tasks.
For transaction data, which could be naturally abstracted to a real-world complex graph, the scarcity of labels and the huge volume of transaction data make it difficult to take advantage of GNN methods.
We propose a Self-supervised Incremental Graph learning model (SIEGE) for the phishing scam detection problem.
arXiv Detail & Related papers (2021-06-18T15:06:26Z) - Phishing and Spear Phishing: examples in Cyber Espionage and techniques
to protect against them [91.3755431537592]
Phishing attacks have become the most used technique in the online scams, initiating more than 91% of cyberattacks, from 2012 onwards.
This study reviews how Phishing and Spear Phishing attacks are carried out by the phishers, through 5 steps which magnify the outcome.
arXiv Detail & Related papers (2020-05-31T18:10:09Z) - Cross-ethnicity Face Anti-spoofing Recognition Challenge: A Review [79.49390241265337]
Chalearn Face Anti-spoofing Attack Detection Challenge consists of single-modal (e.g., RGB) and multi-modal (e.g., RGB, Depth, Infrared (IR)) tracks.
This paper presents an overview of the challenge, including its design, evaluation protocol and a summary of results.
arXiv Detail & Related papers (2020-04-23T06:43:08Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.