Hot Topic Ranking

Hot Score

ETH, BTC large orders emerge

Grayscale is bullish on Bitcoin's prospects.

EU New Regulations Boost Euro Stablecoin Development

Bybit launches CGPT contracts

Buy Bitcoin on dips

Coinbase Receives Subpoena

Tether's foray into AI film

Morgan Stanley: March rate cut likely

## Stablecoin Issuers Face Sell-Off

Giant whales AAVE, UNI make a killing

U.S. Nonfarm Payrolls Rise More Than Expected

Whale buys 1 billion XRP

Quantum computers cannot crack Bitcoin.

U.S. Justice Department Accuses Russian National of Money Laundering

FDIC Vice Chair Backs Cryptocurrencies

Related Currencies

#User lost $460,000 in a simulated trading scam.#

Posts

Hot Topic Details

Hot Topic Overview

Ace Hot Topic Analysis

Public Sentiment · Discussion Word Cloud

Classic Views

Hot Topic Details

Hot Topic Overview

Overview

Recently, a user lost 143.45 ETH, worth approximately $460,800, due to a transaction simulation scam. The attacker exploited the delay between transaction simulation and execution in Web3 wallets by creating a phishing website. After the user submitted the transaction, the attacker immediately tampered with the on-chain state, ultimately leading to the user losing all their assets. The attack process involved the phishing website initiating a "Claim" ETH transfer request. The wallet simulated receiving a small amount of ETH, but the attacker subsequently modified the contract state, resulting in the actual transaction depleting the wallet's assets. This incident serves as a reminder for users to carefully identify phishing websites and be aware of the delay risk between transaction simulation and execution when using Web3 wallets.

Ace Hot Topic Analysis

Analysis

Recently, a user lost 143.45 ETH, approximately $460,800, due to a transaction simulation scam. This incident exposes the potential security risks of transaction simulation features in Web3 wallets. Attackers exploited the delay between transaction simulation and execution by creating phishing websites. They manipulated the on-chain state immediately after users submitted transactions, stealing user assets. Specifically, attackers initiated fake "Claim" ETH transfer requests. The wallet simulated receiving a small amount of ETH, but the attackers subsequently modified the contract state, resulting in the actual transaction draining the user's wallet assets. This incident reminds users to be cautious when using transaction simulation features in Web3 wallets. They should be vigilant in identifying phishing websites and avoid clicking suspicious links to prevent such attacks.

Related Currencies

Public Sentiment · Discussion Word Cloud

Public Sentiment

100%

Discussion Word Cloud

Classic Views

Transaction simulation functionality has a security vulnerability that allows attackers to exploit delayed tampering of on-chain state, resulting in user funds loss.

Attackers initiate "Claim" ETH transfer requests through phishing websites, exploiting the delay in the transaction simulation functionality to modify the contract state after user signature, ultimately draining user wallet assets.

Web3 wallet's transaction simulation functionality aims to enhance transparency and user experience, but it poses security risks that require user caution.

When performing transaction simulations, users should be aware of phishing websites and malicious contracts, avoiding clicking suspicious links or authorizing unknown contracts.