Ethereum Crypto Wallets under Address Poisoning: How Usable and Secure Are They?
- URL: http://arxiv.org/abs/2508.12107v1
- Date: Sat, 16 Aug 2025 17:06:56 GMT
- Title: Ethereum Crypto Wallets under Address Poisoning: How Usable and Secure Are They?
- Authors: Shixuan Guan, Kai Li
- Abstract summary: Address poisoning is an emerging phishing attack that crafts "similar-looking" transfer records in the victim's transaction history. Recent works have shown that millions of users were targeted and lost over 100 million US dollars. Crypto wallets play a central role in deploying countermeasures to mitigate the address poisoning attack.
- Score: 4.641069902222306
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: Blockchain address poisoning is an emerging phishing attack that crafts "similar-looking" transfer records in the victim's transaction history, which aims to deceive victims and lure them into mistakenly transferring funds to the attacker. Recent works have shown that millions of Ethereum users were targeted and lost over 100 million US dollars. Ethereum crypto wallets, serving users in browsing transaction history and initiating transactions to transfer funds, play a central role in deploying countermeasures to mitigate the address poisoning attack. However, whether they have done so remains an open question. To fill the research void, in this paper, we design experiments to simulate address poisoning attacks and systematically evaluate the usability and security of 53 popular Ethereum crypto wallets. Our evaluation shows that there exist communication failures between 12 wallets and their transaction activity provider, which renders them unable to download the users' transaction history. Besides, our evaluation also shows that 16 wallets pose a high risk to their users due to displaying fake token phishing transfers. Moreover, our further analysis suggests that most wallets rely on transaction activity providers to filter out phishing transfers. However, their phishing detection capability varies. Finally, we found that only three wallets throw an explicit warning message when users attempt to transfer to the phishing address, implying a significant gap within the broader Ethereum crypto wallet community in protecting users from address poisoning attacks. Overall, our work shows that more efforts are needed by the Ethereum crypto wallet developer community to achieve the highest usability and security standard. Our bug reports have been acknowledged by the developer community, who are currently developing mitigation solutions.
Related papers
- MemeChain: A Multimodal Cross-Chain Dataset for Meme Coin Forensics and Risk Analysis [52.468043639056596]
The meme coin ecosystem has grown into one of the most active yet least observable segments of the cryptocurrency market. MemeChain integrates on-chain data with off-chain artifacts, including website HTML source code, token logos, and linked social media accounts. We quantify the ecosystem's extreme volatility, identifying 1,801 tokens (5.15%) that cease all trading activity within just 24 hours of launch.
arXiv Detail & Related papers (2026-01-28T14:42:02Z)
- WalletProbe: A Testing Framework for Browser-based Cryptocurrency Wallet Extensions [8.064056857526813]
WalletProbe is a mutation-based testing framework based on visual-level oracles. We have identified 13 attack vectors that can be abused by attackers to exploit cryptocurrency wallets and exposed 21 concrete attack strategies.
arXiv Detail & Related papers (2025-04-16T03:24:30Z)
- Blockchain Address Poisoning [5.68371809302547]
In many blockchains, users often select addresses from their recent transaction history, which enables blockchain address poisoning. The adversary generates lookalike addresses similar to one with which the victim has previously interacted, and then engages with the victim to "poison" their transaction history. We identify 13 times more attack attempts than reported previously -- totaling 270M on-chain attacks targeting 17M victims.
arXiv Detail & Related papers (2025-01-28T03:34:59Z)
- Not All Prompts Are Secure: A Switchable Backdoor Attack Against Pre-trained Vision Transformers [51.0477382050976]
An extra prompt token, called the switch token in this work, can turn the backdoor mode on, converting a benign model into a backdoored one.
To attack a pre-trained model, our proposed attack, named SWARM, learns a trigger and prompt tokens including a switch token.
Experiments on diverse visual recognition tasks confirm the success of our switchable backdoor attack, achieving 95%+ attack success rate.
arXiv Detail & Related papers (2024-05-17T08:19:48Z)
- WALLETRADAR: Towards Automating the Detection of Vulnerabilities in Browser-based Cryptocurrency Wallets [19.265999943788284]
We present a comprehensive security analysis of browser-based wallets in this paper, along with the development of an automated tool designed for this purpose.
We design WALLETRADAR, an automated detection framework that can accurately identify security issues based on static and dynamic analysis.
Evaluation of 96 popular browser-based wallets shows WALLETRADAR's effectiveness, by successfully automating the detection process in 90% of these wallets with high precision.
arXiv Detail & Related papers (2024-05-07T14:01:27Z)
- Pisces: Private and Compliable Cryptocurrency Exchange [7.907585289497186]
We propose a cryptocurrency exchange that restores user anonymity for the first time.
Since the platform knows highly sensitive user private information such as passport number, bank information etc, linking all (on-chain) transactions raises a serious privacy concern.
We also ensure that the user cannot double spend, and the user has to properly report accumulated profit for tax purposes, even in the private setting.
arXiv Detail & Related papers (2023-09-04T15:33:46Z)
- Token Spammers, Rug Pulls, and SniperBots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB) [50.888293380932616]
We study the ecosystem of the tokens and liquidity pools.
We find that about 60% of tokens are active for less than one day.
We estimate that 1-day rug pulls generated $240 million in profits.
arXiv Detail & Related papers (2022-06-16T14:20:19Z)
- Quantum Multi-Solution Bernoulli Search with Applications to Bitcoin's Post-Quantum Security [67.06003361150228]
A proof of work (PoW) is an important cryptographic construct enabling a party to convince others that they invested some effort in solving a computational task.
In this work, we examine the hardness of finding such a chain of PoWs against quantum strategies.
We prove that the chain of PoWs problem reduces to a problem we call multi-solution Bernoulli search, for which we establish its quantum query complexity.
arXiv Detail & Related papers (2020-12-30T18:03:56Z)
- Backdoor Attack against Speaker Verification [86.43395230456339]
We show that it is possible to inject the hidden backdoor for infecting speaker verification models by poisoning the training data.
We also demonstrate that existing backdoor attacks cannot be directly adopted in attacking speaker verification.
arXiv Detail & Related papers (2020-10-22T11:10:08Z)
- Blockchain is Watching You: Profiling and Deanonymizing Ethereum Users [0.0]
We propose and implement user profiling techniques based on quasi-identifiers.
We describe a malicious value-fingerprinting attack, a variant of the Danaan-gift attack, applicable for the confidential transaction overlays.
arXiv Detail & Related papers (2020-05-28T14:33:32Z)
- Pump and Dumps in the Bitcoin Era: Real Time Detection of Cryptocurrency Market Manipulations [50.521292491613224]
We perform an in-depth analysis of pump and dump schemes organized by communities over the Internet.
We observe how these communities are organized and how they carry out the fraud.
We introduce an approach to detect the fraud in real time that outperforms the current state of the art.
arXiv Detail & Related papers (2020-05-04T21:36:18Z)