Bitcoin

Monad Hit With Spoofed Token Transfers Days After Mainnet Launch

Monad Hit With Spoofed Token Transfers Days After Mainnet Launch

The post Monad Hit With Spoofed Token Transfers Days After Mainnet Launch appeared on BitcoinEthereumNews.com.

In brief Monad users have reported spoofed transfers shortly after Monday’s mainnet and token launch. Attackers emitted fake ERC-20 events that explorers displayed as real activity, according to Monad’s CTO and co-founder. The incident has coincided with rising MON trading and renewed attention on the chain. Bad actors began spoofing token transfers on Monad less than two days after the network and its MON token officially went live on Monday, and within a day of airdropped and publicly sold tokens becoming accessible to users during the chain’s first period of liquidity and onboarding. The spoofing was first reported by Monad CTO and co-founder James Hunsaker, who noted that the transactions appeared as standard token transfers on explorers, despite no movement of funds or signatures from the wallets being impersonated. “Warning—there are fake ERC-20 transfers pretending to be from my wallet,” Hunsaker disclosed Tuesday evening on X, citing a Monad user who alerted him of the transactions.  Hunsaker added that ERC-20 is “just a token interface standard,” and that it is easy for someone to write a contract that meets the required functions while inserting unauthorized address entries. Such a structure allows malicious contracts to create events to make activity appear legitimate, even when no actual wallet approval occurred. Hunsaker added that the malicious activity is not a bug on Monad’s blockchain, and is instead “spoofing within their smart contract to try to trick people.” Decrypt has reached out to Hunsaker and Monad for additional comment. “During a chain’s launch, like Monad’s, users are constantly setting up new wallets, bridging funds, and adding token contracts. Scammers know your transaction history is empty or chaotic,” Shān Zhang, chief information security officer at blockchain security firm Slowmist, told Decrypt. Those bad actors generate so-called “vanity addresses” that “match the first and last…

Read More

Related Posts

USPD stablecoin hack reveals clandestine proxy attack

USPD stablecoin hack reveals clandestine proxy attack

This Key Dogecoin Metric Shows The Market Is Entering Into An Accumulation Territory

This Key Dogecoin Metric Shows The Market Is Entering I...

Large-Scale Bitcoin Outflow: Matrixport Removes $352.5M From Binance

Large-Scale Bitcoin Outflow: Matrixport Removes $352.5M...

Bitcoin’s end-of-year run to $100K heavily depends on Fed pivot outcomes

Bitcoin’s end-of-year run to $100K heavily depends on F...

Is Bitcoin shifting to a 2-year cycle?

Is Bitcoin shifting to a 2-year cycle?

Indiana Lawmakers Push Bill to Make State a Bitcoin Leader

Indiana Lawmakers Push Bill to Make State a Bitcoin Leader