I use a hardware wallet that’s totally airgapped. I don’t share my address online or let anyone send me anything. But surprisingly, I keep getting a bunch of random NFTs and even some altcoins that I’ve never heard of. I know they’re just scam attempts, and if I try to sell them, they could wipe out my hardware wallet. So how do these people even know my wallet address? Is it because I buy coins weekly and hold them?
How do these scammers figure out which wallets are getting valuable coins? I have another empty wallet, but they never send fake NFTs or coins there. Is there some way they can keep track of which wallets are active? If you have any insights, I’d love to learn. No knowledge is wasted.
Let start with everything is public on the blockchain,
What happen is start from the place youre buying and sending to exchange that address is public so there scammers that actually scan all this blockchains to see addresses sending and receiving bitcoin and other coins, once they spot this wallet they can actually see everything and history of the address including even the balance of the wallet so they simply start to spam the wallet with dust transactions
This dust attacks are not going to compromise your wallet but the scammer is looking to lure you into thinking his address is yours because they use a very similar address like yours to send this dusts and fake NFTs so if you mistakenly copy this address thinking its yours and send any coin to it and it is lost for ever
For now nothing is happening to your wallet just be cautious when sending out or rather just change wallet and send to another address but I think the scammer will still trace it there
It is as trivial as it gets and as the previous user responded this is the core of how a blockchain works. You can view transactions here for example: https://blockstream.info/tx/recent. In principle since this data is always public, you can build your own tools that focuses on it in any way you want. For example:
Only addresses with balance.Only addresses with new balance (previously zero) - higher probability of newbie user.Dormant addresses that have recently been used - higher probability of cold storage.Etc.
In the altcoin world there are bots on pretty much every chain. These days they even automate address poisoning attacks. If you send funds to an address that is like this bc1sato42....fan44 they will send you some dust automatically from an address that is as similar as possible in the beginning and the end. Something like bc1sat...n44. As generating a few specific characters in the front or back is pretty fast with a GPU. The idea behind this is to try to trick you to send funds next time to the attackers wallet and not where you intended.
There are many variations of this. Both tracking users and poisoning them is trivial. You only need to spend a little amount of resources for the dust attack. All it takes is for an occasional attack to be successful for it to be worth it economically speaking.
My general advice is to never rely on transaction history for addresses. Always double check each destination address before sending. Make sure to look also at the digits in the middle! The advice of checking the first and last bits is an security error. Lastly, take your time! You don't need to send a transaction as fast as possible. Take your time and check everything before you click on SEND.
Anytime you buy coin from an exchange and withdraw it to your hardware wallet address, there are scammers that watching the exchange wallet(hot wallet address) with some bots to track the destination wallets addresses to see what they are doing with the wallet address and the balance. If they found out that you have some coins on the address, you becomes their target to send fake nfts and fake tokens programmed with sweeper bot. Any attempt to interact with any of these fake tokens or a confirmation will wipe everything on your wallet. That wallet will remained poison for long time, any coin that enter the wallet will be sweep in seconds.
How to stop this? You can't but you can avoid them. What you should do next, your wallet is on their list of targeted addresses, generate a new wallet address from your hardware, kindly send out the coin you bought on the exchange to another fresh address, don't touch any of the fake tokens sent you and that's it.
If it is NFT, it is different from dust attack because the wallet will be compromised and the hacker will be able to transfer the coins that the person has. There are reputed user on this forum that his hardware wallet was hacked with fake NFT, but I do not remember the person, I would have searched for it.
I guess you are talking about condoras who passed away very recently, yes check the reputation board if you are not aware of it.
And that thread: Ledger hacked!!!
Even in that thread there's some spark about how to avoid such fake NFTs like filtering them out but I guess it never took off.
This attacks are automated, no one will go on public blockchain looking for new wallets that are receiving funds to poison, that's a lot of work, it will take a lot of time, AI for example will do more harm than good, they are useful when it comes to doing similar jobs, finding active addresses have become too easy, the blockchain is visible to the public and there is nothing that can change it.
My advice is ignore those nfts and tokens, if you are using a crypto wallet for tracking your coins in your hardware wallet it should have the option to hide useless tokens, keplr and okx wallet have this function, even trust wallet too, i am not just sure that you can use trust wallet to track your hardware wallet, just for tracking purposes though, those tokens are already poisoned and they are better left untouched.
This is an issue with the chain on which the NFTs are and not the NFT technology themselves. There are other altcoin chains where such an attack is not possible. Neither draining through contract approval or NFTs. In any case the best advice is to never interact with unknown NFTs and tokens that one receives for free. Usually the user is not able to tell the nuances in the security issues between Bitcoin and different altcoins. Therefore the advice should be simple, never interact with any unknown things.
It does not work. There is no decentralized ways to distinguish between real and fake ones. You could hide any links that come with it in the Ledger App. That would have an effect but it would not stop users who end up seeing these links on the blockchain explorer.
AI has nothing to do with this.
Like a couple of persons have already mentioned, the block chain is public and for that reason they are able to monitor your wallet activity on a block chain explorer. Actually, it's very possible they are aiming to carry out a dust attack on your wallet. If you have a huge amount of funds there you should swap the coins and sweep to another wallet.
This may help you lose them if they are targeting you and also ensure your keys are offline and you are not sharing your public keys or address carelessly.
That's actually a dust attack, and you don't need to share your wallet address with anyone online or offline before the attacker knows about your wallet, since crypto wallet activity is always on the blockchain.
The attack monitors blockchain wallet activities, and this is why people are advised not to use a single wallet more than once.
Through the blockchain
Yes, they monitor the blockchain activity, and the dust attack sent to your wallet is to keep a tab on the wallet address for their future shady intention.
This kind of attacks do not need your private keys not to be online, your private key can be offline and still be scammed with it if you do not know how to avoid these kind of attacks.
What exactly are you saying? Dust attacks can only be carried out when they have an address to send the dusts to and they can only do that if they have your address or keys. A wallet that doesn't make transactions will hardly get targeted by dust attacks because in the first place they need to see your history on the block chain most times.
If you create a wallet (a hot wallet) your private keys are not online but they are at a higher risk of being online so when people say your keys online they mean a hot wallet most times.
Its not hidden ( your full transaction details), it can easily be traced onchain and they are neither concern about wallet being active or not .. once youve received on it and they found the value to be some worth could even a couple of hundreds then they are interested.. They just have to generate an address that matches some part of your address ( or addresses) then poison your account history with a dust or use it as a means to easily trace your funds movement when you spend ghe dust with other inputs..
Its of no use, You can pair your wallet with wallets that support coin control if your HW wallet doesnt have one so you can freeze the particular UTXO before spending provided that its Bitcoin we are discussing here....
What I mean is that people can use your address to know about your transaction history, the address will show all your transactions on the blockchain. Private key is not needed for it.
The hackers can easily know addresses on the blockchain where it is publicly available to people. They can easily know the addresses exchanges like Binance are creating which are for users, they will trace the address that the Binance addresses are sending money to and create similar addresses and send dust coin (like $0.000001 USDT) to the person having the address. No private key is needed for it, all can be done by just seeing the addresses. The person which is the victim will mistakenly send money to the hackers address because he will think it is the exchange address he sent money from to his wallet, thinking it is his exchange account address and not know it is only similar but belong to hackers. Someone in this way will mistakenly send the money to the hackers even on a cold wallet, he initiated the transaction himself, but to a hackers address.
Anyone that does not know about the scam can use their online or cold wallet to send money to the hacker address.
The second one which is NFT, the person can follow the instruction of the fake NFT on a cold wallet and the wallet will be hacked by the hacker, like this one.
I think a lot of the people that send these NFTs look at smart contracts you interact with (ie sites you are connected to and send transactions from) as a lot of the ones I receive are specific to those. There are a few wash attacks too (where they just try to get a lot of active wallets).
I think most of them are just to send targeted advertising but I'm not sure I'd trust a site that advertises that way.
But all Blockchains are public, even if he swapped and moved to another wallet or network, there are other scammers that are also doing same thing in that Blockchain network. So swapping and moving to different wallets or network might not really solve these attacks. He should just avoid interacting with those fake coins and nfts that are being sent to his wallet and he will be fine.
I am using a keystone wallet and I have similar story to share, from crappy valueless tokens to huge amount of tokens with fake amount showing thousands of dollars in value, they try to trick me a lot and I never fall for it and they got tired of trying, now it is limited.
I guess the plan for the is to look for newbies who are not smart with crypto market, they hope you make a move on the fake tokens to get drained, if you don't do anything they believe you to be better than the majority of others, the best advice I can give is "do nothing", don't go after tokens that you never bought with your money, what is not yours is never yours to claim and you will be fine.
Often I hear people forget that once youre dealing with crypto everything really is public on the blockchain, and thats exactly how these scammers take advantage. They dont need to hack you, they just scan the chain for active wallets and start spamming dust or fake NFTs. The danger is not in those tokens themselves but in tricking you into copying the wrong address that looks like yours. Once you send to it, the coins are gone forever. The best move is always double checking your address carefully before sending and not interacting with strange tokens. Even if you switch wallets, they can still find you, so the real defense is caution, not panic.