Hayden Adams, the founder of the decentralized exchange (DEX) Uniswap, has issued a cautionary alert to the cryptocurrency community regarding a scam exploiting wallet addresses masquerading as Ethereum Name Service (ENS) domains. Adams took to X on February 14 to share the warning, revealing that scammers had replicated his Ethereum wallet address and registered it as an ENS wallet with a .eth extension. Furthermore, Adams noted that certain user interfaces would display ENS matches in their top search results, leading to potential confusion for digital asset senders seeking to verify recipient addresses.
The scheme appears crafted to mislead senders into inadvertently directing cryptocurrencies to incorrect addresses instead of their intended recipients. Adams stressed the importance for user interfaces to implement filters to screen out such fraudulent addresses, thus mitigating risks associated with potential attack vectors. Although this particular scam seems novel, Taylor Monahan, founder of Ethereum wallet manager MyCrypto, highlighted in an article that a similar tactic was previously employed during the early stages of the MyEtherWallet service, particularly impacting the registration and resolution of names beginning with "0x."
Addressing the scam vector, Nick Johnson, the founder and lead developer of ENS, emphasized the necessity for interfaces to refrain from autocompleting names, deeming such functionality as "too dangerous." This stance aligns with ENS's user experience guidelines, which advise against autocomplete features due to their susceptibility to exploitation. Concurrently, reports have surfaced of cryptocurrency investors receiving deceptive emails in January from scammers impersonating prominent Web3 entities. On January 23, scammers initiated a widespread email campaign promoting fraudulent airdrops, masquerading as reputable companies such as Cointelegraph, WalletConnect, and Token Terminal, among others.
Further investigation revealed that the phishing onslaught stemmed from a security breach at the email marketing company MailerLite. On January 24, the company acknowledged that hackers had gained unauthorized access to a Web3 account through a social engineering attack. According to findings by the research team at analytics platform Nansen, the scammers' phishing wallets have accumulated approximately $3.3 million in inflows since the commencement of the campaign.
