Hot Topic Ranking

Hot Score

Ronin Launches AI Agent

Grayscale is bullish on Bitcoin's prospects.

Bybit launches CGPT contracts

Buy Bitcoin on dips

Coinbase Under Investigation by CFTC

Tether's foray into AI film

Morgan Stanley: March rate cut likely

Giant whales AAVE, UNI make a killing

Binance lists three new coins

U.S. Nonfarm Payrolls Rise More Than Expected

Quantum computers cannot crack Bitcoin.

U.S. Justice Department Accuses Russian National of Money Laundering

FDIC Vice Chair Backs Cryptocurrencies

CFPB Proposes to Regulate Stablecoins

CFTC Enforcement Chief Departs

Related Currencies

#User lost $460,000 in a simulated trading scam.#

Posts

Hot Topic Details

Hot Topic Overview

Ace Hot Topic Analysis

Public Sentiment · Discussion Word Cloud

Classic Views

Hot Topic Details

Hot Topic Overview

Overview

Recently, a user lost 143.45 ETH, approximately $460,800, due to a transaction simulation scam. The attacker exploited the delay between transaction simulation and execution in Web3 wallets by creating a phishing website and manipulating the on-chain state immediately after the user submitted the transaction. Specifically, the attacker initiated a fake "Claim" ETH transfer request, and the wallet simulated receiving a small amount of ETH. However, the attacker subsequently modified the contract state, resulting in the user's actual transaction depleting their wallet assets. This incident serves as a reminder for users to exercise caution when using the transaction simulation feature in Web3 wallets and to be vigilant in identifying phishing websites to avoid similar fraudulent losses.

Ace Hot Topic Analysis

Analysis

Recently, a user lost 143.45 ETH, approximately $460,800, due to a transaction simulation scam. The attacker exploited the delay between transaction simulation and execution in Web3 wallets by creating a phishing website and manipulating the on-chain state immediately after the user submitted the transaction. Specifically, the attacker would initiate a "Claim" ETH transfer request, and the wallet would simulate receiving a small amount of ETH. However, the attacker would then modify the contract state, resulting in the actual transaction draining the user's wallet assets. This incident serves as a reminder for users to exercise extreme caution when conducting Web3 transactions, avoid trusting phishing websites, and carefully verify transaction information to prevent losses from transaction simulation scams.

Related Currencies

Public Sentiment · Discussion Word Cloud

Public Sentiment

100%

Discussion Word Cloud

Classic Views

Web3 wallet's transaction simulation function has a security vulnerability, attackers can exploit the delay to tamper with the on-chain state.

Attackers create phishing websites to lure users into transaction simulation, and immediately modify the contract state after the transaction is submitted, resulting in user asset loss.

The transaction simulation function is designed to improve transparency and user experience, but attackers exploit the vulnerability of this function, causing user losses.

Users should be cautious about identifying phishing websites and be aware of the delay risk between transaction simulation and execution when performing transaction simulation.