Hayden Adams, the creator of the decentralized exchange Uniswap, has highlighted a new attack vector targeting cryptocurrency users through the Ethereum Name Service (ENS).
first time I’ve seen this scam, so posting it as a heads up for users and interfaces
someone bought the ens “[myEthereumAddress].eth”
so when you paste in my address, the top result in some UIs is an ens match instead of the resolved ENS name
impt for UIs to filter these out pic.twitter.com/0cQAL5tQ0T
— hayden.eth (@haydenzadams) February 14, 2024
The entrepreneur discovered that someone purchased an ENS domain resembling his Ethereum address 0x11E4857Bb9993a50c685A79AFad4E6F65D518DDa.
As a result, when his address is pasted into some interfaces, the top search result is the name 0x11E4857Bb9993a50c685A79AFad4E6F65D518DDa.eth, which is linked to a completely different wallet.
ENS domains allow users to send to a short, readable name instead of a long hexadecimal address. For instance, Hayden’s is hayden.eth, while Ethereum founder Vitalik Buterin’s is vitalik.eth.
fun fact: this scam vector is why we originally broke registrations & resolutions for all 0x… names in the early MEW days (in addition to rugging a slew of vanilla js hex handling bugs/vulns)
— Tay (@tayvano_) February 14, 2024
“Fun fact: this potential scam vector is why we originally closed registration and resolutions for all 0x addresses back in the early days of MEW,” commented Taylor Monahan from MetaMask, who was previously part of the MyEtherWallet team.
Lead ENS developer Nick Johnson from the Ethereum Foundation noted that interfaces should not autocomplete names at all, as it is “far too dangerous.”
IMO, interfaces shouldn’t autocomplete names at all; it’s far too dangerous. I think we advise against it in our UX guidelines.
— nick.eth (@nicksdjohnson) February 14, 2024
“I think we advise against it in our UX guidelines,” he added.
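The interface-side filtering Adams asks for can be sketched as follows. This is an added example, not code from Uniswap, ENS or MetaMask; the function names and the shape of the search results (`{name, resolvesTo}`) are assumptions, and the sample results are constructed. It goes slightly beyond the tweet by also checking subdomain labels and folding full-width characters before matching.

```javascript
// Added example: all names below are hypothetical, not a real wallet API.
const ADDRESS_RE = /^0x[0-9a-f]{40}$/;

// Fold compatibility forms (e.g. full-width digits) and case before matching.
function fold(s) {
  return s.normalize("NFKC").trim().toLowerCase();
}

// True when the user's input is itself a complete Ethereum address.
function isAddressLiteral(input) {
  return ADDRESS_RE.test(fold(input));
}

// True when any label of an ENS name is shaped like an address,
// e.g. "0x11e4...8dda.eth" or "pay.0x11e4...8dda.eth".
function isAddressLikeName(name) {
  return fold(name).split(".").some((label) => ADDRESS_RE.test(label));
}

// Decide what a recipient field may offer for a given input.
// nameMatches: ENS names returned by a search backend (assumed shape).
function recipientSuggestions(input, nameMatches) {
  if (isAddressLiteral(input)) {
    // A pasted address is used as-is; no name match may outrank it.
    // The address is lowercased here; re-apply the EIP-55 checksum for display.
    return { kind: "address", address: fold(input), suggestions: [] };
  }
  // Otherwise keep only names that cannot be mistaken for an address.
  const safe = nameMatches.filter((m) => !isAddressLikeName(m.name));
  return { kind: "name-search", address: null, suggestions: safe };
}

// The address quoted in the article, plus constructed search results.
const PAGE_ADDRESS = "0x11E4857Bb9993a50c685A79AFad4E6F65D518DDa";
const SAMPLE_MATCHES = [
  { name: PAGE_ADDRESS + ".eth", resolvesTo: "0x000000000000000000000000000000000000dEaD" },
  { name: "hayden.eth", resolvesTo: PAGE_ADDRESS },
];

console.log(recipientSuggestions(PAGE_ADDRESS, SAMPLE_MATCHES));
console.log(recipientSuggestions("hayd", SAMPLE_MATCHES));
```
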
Back in July 2023, attackers gained control of Adams’ Twitter account to post phishing links related to Russia.
