Uniswap Founder Cautions Against Fake ENS Domain Scams
Hayden Adams, the founder of Uniswap, took to social media to alert the crypto community about a new wave of scams targeting users through deceptive user interfaces (UIs) in crypto wallets.
Adams warning sheds light on how scammers are leveraging fake clones of Ethereum Name Service (ENS) domains to deceive users and potentially siphon funds.
How the Scam Works
In a post on X, Adams expressed his concern, stating, first time Ive seen this scam, so posting it as a heads up for users and interfaces.
first time Ive seen this scam, so posting it as a heads up for users and interfaces
someone bought the ens [myEthereumAddress].eth
so when you paste in my address, the top result in some UIs is an ens match instead of the resolved ENS name
impt for UIs to filter these out pic.twitter.com/0cQAL5tQ0T
hayden.eth (@haydenzadams) February 14, 2024
The scam involves the fraudster purchasing an ENS domain that closely resembles a legitimate Ethereum address but substituting alphabetic characters with alphanumeric sequences.
Subsequently, when unsuspecting users input the genuine Ethereum address into their crypto wallet UIs, these interfaces display the scammers address as the primary result instead of the intended recipients. This could lead users to send funds to the scammers address unknowingly.
He highlighted a specific instance where a bad actor purchased the ENS domain [myEthereumAddress].eth, which closely resembled his own Ethereum address, 0x11E4857Bb9993a50c685A79AFad4E6F65D518DDa.
Adams stressed the importance of interfaces integrating filters to tackle these scams and advised users to proceed cautiously. He stated, impt for UIs to filter these out.
Following the post, Nick Johnson, the founder of ENS, expressed his view that interfaces should refrain from autocompleting names altogether, deeming it excessively risky. He noted that such a practice is discouraged in their user experience (UX) guidelines.
IMO, interfaces shouldnt autocomplete names at all; its far too dangerous. I think we advise against it in our UX guidelines.
nick.eth (@nicksdjohnson) February 14, 2024
ENS stands for Ethereum Name Service, a domain name system built on the Ethereum blockchain. It enables users to substitute intricate Ethereum addresses with more user-friendly and understandable names such as myname.eth.
Scammers Exploit ENS Domains to Mimic Major Exchanges
In a related incident, scammers have previously used ENS domains to mimic major exchanges wallets by using a single address to register multiple ENS domains that closely resemble the hexadecimal addresses of highly active addresses. The scammer then added .eth at the end of these addresses.
For instance, the FTX address 0x2FAF487A4414Fe77e2327F0bf4AE2a264a776AD2 was mimicked as 0x2FAF487A4414Fe77e2327F0bf4AE2a264a776AD2.eth1.
The primary aim is to intercept payments directed to these mimicked addresses, exploiting the feature of many wallets supporting ENS domains as valid destinations for asset transfers. As a result, users risk unknowingly sending assets to these fake domains with a single misclick.
The post Uniswap Founder Cautions Against Fake ENS Domain Scams appeared first on CryptoPotato.
Read more: https://cryptopotato.com/uniswap-founder-cautions-against-fake-ens-domain-scams/
Text source: CryptoPotato