WATCH OUT FOR THIS CRYPTO SCAM: Copy & Paste Exploit Exposed
A Reddit user operating under the nickname “seraf1990” warned crypto holders of a copy & paste scam that stole his crypto holdings. This copy & paste scam works by replacing a wallet address he copied from Coinbase with the one belonging to scammers. In his post, seraf1990 added that he lost about $350 worth of Bitcoin. This money, as he noted, was meant to go towards his next month’s rent.
The post explains how exactly seraf1990 got scammed. He was attempting to cash out some Bitcoin by sending it from Binance to his Coinbase account. After copying the exchange’s Bitcoin wallet address, the Reddit user pasted it into the appropriate field on the Binance exchange and completed the transaction “without a second thought.” It was only later that he actually realized the address had somehow been switched out.
This type of attack is not new. In fact, it is fairly common, except for one major difference. When a bad actor swaps out the address for one of their own, the two addresses are usually completely different from one another, therefore making the exploit reasonably easy to spot. However, in this case, however, the first four digits of the two addresses were the same.
The fact that Coinbase only displays the first couple of digits of the wallet on the user’s device only compounded the issue.
In the post, seraf1990 said that the device used in this particular transaction was a computer using Windows OS. Some replies on the thread speculated that some form of malware could be behind the crypto scam, though the exact method was never directly confirmed.
Since the method of spreading this particular malware is not known, we can only speculate on how to defend against it. However, it is safe to say that clicking on unknown links and downloading unsafe files is a sure way to get your crypto stolen.