Trending News: Can Trump fire Powell?What economic risks will it bring?Glassnode: Are we experiencing a bull-bear transition?The Post Web Accelerator’s first batch of 8 selected projectsWhich one is more “just” between Nubit, Babylon and Bitlayer?Golden Encyclopedia | How did the trade war affect stocks and crypto markets?Golden Encyclopedia | Is BTC a safe haven during the trade war?Why Americans Want to Leave the United States: Economic, Political and Global ChangesData: BTC mining is highly centralized, and six major mining pools mine more than 95% of the blocksWhat is the core of the game between China and the United States caused by Trump’s tariff war?How to go to the marketWhy does blockchain die?What challenges does blockchain adoption face?Report: DeFi lending has increased by 959% since 2022 to $19.1 billionBitwise: Bitcoin’s extraordinary resilienceBankless: Can Bitcoin flourish on the chain?Coingecko: How wide is the adoption of encryption AI in 2025?Coingecko: How trust is people in AI agent KOLsHow much impact does Trump’s overturning IRS rules have on the crypto field?What is a bear market attack?How whales use them to make money in crypto tradingDeepSeek accelerates web3 transformation and changes corporate value and risk management modelsThis is the truth Trump is being stabbed by Japanese institutionsInterpretation of SEAL: Sui’s decentralized key management solutionWho made Trump change his mindTrump’s 180-degree turn What happened in the 18 hours of changing the global marketReciprocal tariffs are suspended, crypto markets are surging, and only China is in troubleQuick view of Binance HODLer Phase 14 Airdrop Project Babylon (BABY)US Senator: What status should Bitcoin have in the United States?Coingecko: Which listed companies are major BTC holders?Sei Lianchuang: Expanding EVM requires L1 instead of L2The full text of the latest speech by Trump’s think tank: The essence of the United States’ “reciprocal tariffs”Vitalik’s latest speech: Why speed up L2 confirmation?How to speed upEthereum Pectra Upgrade: Is it a milestone or another gimmick?CZ Fireside Dialogue: HODL Strategy Challenges, Survival Rules under Market VolatilityStablecoin earnings guideMusk openly criticizes the tariff faction and calls for Europe and the United States to establish a free trade zone with zero tariffsEmily Parker: 2025 Web3 trends int and US and AsiaEmily Parker: How to bridge the Web3 assets and traditional capitalGMGN Co-founder Haze’s speechXiao Feng Hong Kong’s latest speech: Why is it said that public chains are a new generation of financial infrastructureSolana Lily’s speechBitcoin will benefit from the ebb of the US dollar reserve system and the global de-dollarization trendFrom traditional replication to innovation Can Backpack seize the future?Saylor’s $200 trillion BTC strategy: U.S. BTC domination and immortalityEthereum’s two major upgrades to Pectra and Fusaka are explained in detail. What will be brought to ETH?Coingecko: How do investors view the potential of crypto AI technology?Galaxy: Research on the current situation of Futarchy governance system and on-chain forecast marketThe latest updates from ETH and Solana: What are the things to pay attention to?Golden Encyclopedia | What is address poisoning attack? How to avoid it?Quick view of Binance HODLer’s latest airdrop project Particle NetworkWill Celestia pose a threat to Ethereum?Ethereum supply tightening: a prelude to a price rebound or a temporary fog?BSC Meme’s popularity remains unabated for a week. Can it really work this time?Galaxy: The Twilight Road to Web3 GamesEthereum declines, PVP prevails, misses the summer of 2020Why invest in AR?How Bitcoin Takes Over Wall StreetThe lively thrill of CZ and MEME BNB Chain is in progressPoW mining does not constitute securities issuance. No registration is required. See what the US SEC said.PumpFun fills up the Swap puzzle, the first encrypted dApp outline appearsTrump: The United States will dominate cryptocurrencies and next-generation financial technologyWhy are North Korean hackers so good at stealing cryptocurrencies?Why can BSC successfully replicate the Solana Ecological Meme miracle?Hacker storm resurfaces: OKX suspends DEX, Binance winsAnalysis of the crypto market in 2025: MEME boom and cold thinking in the Trump eraAnalysis of the crypto market in 2025: MEME boom and cold thinking in the Trump eraEthereum price falls into a “cursed” downward trend and may continue throughout the yearStrategic Reserves and Game of Thrones II: The Encrypted Order in the Trump AgeRAY rose by more than 22% in 24 hours: Raydium LaunchLab In-depth Research ReportPectra upgrade countdown Vitalik explains the “Wallet Security” strategy in detailIt turns out that this is how BSC gets rich by beating dogsThe Middle East is coming, and the Golden Dogs are constantly on the BSC chainMubarak soared by 1300 times CZ has added several more A8 players to BSCBankless: What are native Rollups?Bitwise: Why is it said that the tariff war triggered a sharp pullback in BTC is a buying opportunityBTC pullback nearly 30% When will institutional funds returnEthereum Don’t let newcomers downThe narrative of altcoin ETF is not working?Time of liquidity ebb: Who is protecting the Tower of Babel of Ethereum?The next major upgrade to Bitcoin?Evaluation of OP_CAT and OP_CTVMake encryption great again Trump helps Wall StreetThe latest speech by former vice president of the central bank: The rise and challenge of cryptocurrenciesBitcoin’s crossroads: Bear or new highs, where will the market goLinkedIn Recruitment Phishing AnalysisGold hits record high How long will it take for Bitcoin to beTrump adviser David Sacks’ “clearance drama”Meme currency market review: How many people have caught the Golden Dog in the past year?3 Reasons Why Ethereum Still Being Bullish After Slump to 17-Month LowJudicial disposal of virtual currencies: Beware of becoming illegal financial activitiesFinancial advisors and large brokerage firms drive the next wave of Bitcoin ETF adoptionBTC ETF Next Process: Financial Advisors and Big Institutions Lead the Expansion WaveSudden news: Trump’s stake in BinanceLogical analysis of Binance’s share reduction and MGX investment: Valuation Motivation and Market InfluenceEthereum Prague Upgrade In-depth Research Report: Ecological Impact and Future OutlookCan the Pectra upgrade reshape the Ethereum ecosystem?Binance surrenders to the UAEGolden Encyclopedia | What role does gold, oil, and BTC play in the US reserves?How did Meme coins go from online jokes to crypto culture engines?Users don’t want VC coins or meme coins. So what do users want?a16z: Exploring the efficient and secure path of zkVMGlassnode: Is there still a bull market?What is the bottom of this round of declineARK Research Report: Oversold, Currency Circulation—A Study on the Crypto Market in FebruaryWeb3 Consumer Application mainstream paradigm, opportunities and challenges
Fri. Apr 18th, 2025
Trending News: Can Trump fire Powell?What economic risks will it bring?Glassnode: Are we experiencing a bull-bear transition?The Post Web Accelerator’s first batch of 8 selected projectsWhich one is more “just” between Nubit, Babylon and Bitlayer?Golden Encyclopedia | How did the trade war affect stocks and crypto markets?Golden Encyclopedia | Is BTC a safe haven during the trade war?Why Americans Want to Leave the United States: Economic, Political and Global ChangesData: BTC mining is highly centralized, and six major mining pools mine more than 95% of the blocksWhat is the core of the game between China and the United States caused by Trump’s tariff war?How to go to the marketWhy does blockchain die?What challenges does blockchain adoption face?Report: DeFi lending has increased by 959% since 2022 to $19.1 billionBitwise: Bitcoin’s extraordinary resilienceBankless: Can Bitcoin flourish on the chain?Coingecko: How wide is the adoption of encryption AI in 2025?Coingecko: How trust is people in AI agent KOLsHow much impact does Trump’s overturning IRS rules have on the crypto field?What is a bear market attack?How whales use them to make money in crypto tradingDeepSeek accelerates web3 transformation and changes corporate value and risk management modelsThis is the truth Trump is being stabbed by Japanese institutionsInterpretation of SEAL: Sui’s decentralized key management solutionWho made Trump change his mindTrump’s 180-degree turn What happened in the 18 hours of changing the global marketReciprocal tariffs are suspended, crypto markets are surging, and only China is in troubleQuick view of Binance HODLer Phase 14 Airdrop Project Babylon (BABY)US Senator: What status should Bitcoin have in the United States?Coingecko: Which listed companies are major BTC holders?Sei Lianchuang: Expanding EVM requires L1 instead of L2The full text of the latest speech by Trump’s think tank: The essence of the United States’ “reciprocal tariffs”Vitalik’s latest speech: Why speed up L2 confirmation?How to speed upEthereum Pectra Upgrade: Is it a milestone or another gimmick?CZ Fireside Dialogue: HODL Strategy Challenges, Survival Rules under Market VolatilityStablecoin earnings guideMusk openly criticizes the tariff faction and calls for Europe and the United States to establish a free trade zone with zero tariffsEmily Parker: 2025 Web3 trends int and US and AsiaEmily Parker: How to bridge the Web3 assets and traditional capitalGMGN Co-founder Haze’s speechXiao Feng Hong Kong’s latest speech: Why is it said that public chains are a new generation of financial infrastructureSolana Lily’s speechBitcoin will benefit from the ebb of the US dollar reserve system and the global de-dollarization trendFrom traditional replication to innovation Can Backpack seize the future?Saylor’s $200 trillion BTC strategy: U.S. BTC domination and immortalityEthereum’s two major upgrades to Pectra and Fusaka are explained in detail. What will be brought to ETH?Coingecko: How do investors view the potential of crypto AI technology?Galaxy: Research on the current situation of Futarchy governance system and on-chain forecast marketThe latest updates from ETH and Solana: What are the things to pay attention to?Golden Encyclopedia | What is address poisoning attack? How to avoid it?Quick view of Binance HODLer’s latest airdrop project Particle NetworkWill Celestia pose a threat to Ethereum?Ethereum supply tightening: a prelude to a price rebound or a temporary fog?BSC Meme’s popularity remains unabated for a week. Can it really work this time?Galaxy: The Twilight Road to Web3 GamesEthereum declines, PVP prevails, misses the summer of 2020Why invest in AR?How Bitcoin Takes Over Wall StreetThe lively thrill of CZ and MEME BNB Chain is in progressPoW mining does not constitute securities issuance. No registration is required. See what the US SEC said.PumpFun fills up the Swap puzzle, the first encrypted dApp outline appearsTrump: The United States will dominate cryptocurrencies and next-generation financial technologyWhy are North Korean hackers so good at stealing cryptocurrencies?Why can BSC successfully replicate the Solana Ecological Meme miracle?Hacker storm resurfaces: OKX suspends DEX, Binance winsAnalysis of the crypto market in 2025: MEME boom and cold thinking in the Trump eraAnalysis of the crypto market in 2025: MEME boom and cold thinking in the Trump eraEthereum price falls into a “cursed” downward trend and may continue throughout the yearStrategic Reserves and Game of Thrones II: The Encrypted Order in the Trump AgeRAY rose by more than 22% in 24 hours: Raydium LaunchLab In-depth Research ReportPectra upgrade countdown Vitalik explains the “Wallet Security” strategy in detailIt turns out that this is how BSC gets rich by beating dogsThe Middle East is coming, and the Golden Dogs are constantly on the BSC chainMubarak soared by 1300 times CZ has added several more A8 players to BSCBankless: What are native Rollups?Bitwise: Why is it said that the tariff war triggered a sharp pullback in BTC is a buying opportunityBTC pullback nearly 30% When will institutional funds returnEthereum Don’t let newcomers downThe narrative of altcoin ETF is not working?Time of liquidity ebb: Who is protecting the Tower of Babel of Ethereum?The next major upgrade to Bitcoin?Evaluation of OP_CAT and OP_CTVMake encryption great again Trump helps Wall StreetThe latest speech by former vice president of the central bank: The rise and challenge of cryptocurrenciesBitcoin’s crossroads: Bear or new highs, where will the market goLinkedIn Recruitment Phishing AnalysisGold hits record high How long will it take for Bitcoin to beTrump adviser David Sacks’ “clearance drama”Meme currency market review: How many people have caught the Golden Dog in the past year?3 Reasons Why Ethereum Still Being Bullish After Slump to 17-Month LowJudicial disposal of virtual currencies: Beware of becoming illegal financial activitiesFinancial advisors and large brokerage firms drive the next wave of Bitcoin ETF adoptionBTC ETF Next Process: Financial Advisors and Big Institutions Lead the Expansion WaveSudden news: Trump’s stake in BinanceLogical analysis of Binance’s share reduction and MGX investment: Valuation Motivation and Market InfluenceEthereum Prague Upgrade In-depth Research Report: Ecological Impact and Future OutlookCan the Pectra upgrade reshape the Ethereum ecosystem?Binance surrenders to the UAEGolden Encyclopedia | What role does gold, oil, and BTC play in the US reserves?How did Meme coins go from online jokes to crypto culture engines?Users don’t want VC coins or meme coins. So what do users want?a16z: Exploring the efficient and secure path of zkVMGlassnode: Is there still a bull market?What is the bottom of this round of declineARK Research Report: Oversold, Currency Circulation—A Study on the Crypto Market in FebruaryWeb3 Consumer Application mainstream paradigm, opportunities and challenges
Fri. Apr 18th, 2025

Web3 security introduction to avoid pits | Airdrop scam

background

In the previous issue of Web3 security introduction to avoid pits, we mainly explained the relevant knowledge of multi-signing fishing, including the multi-signing mechanism, the reasons for multi-signing, and how to avoid malicious multi-signing of wallets.What we are going to explain in this issue is a marketing method that is regarded as an effective marketing method in both traditional industries and crypto fields – airdrop.

Airdrops can push the project from obscurity to the public’s vision in a short period of time, quickly accumulate user base, and enhance market influence.When users participate in Web3 projects, they need to click on relevant links and interact with project parties to obtain airdrop tokens. However, from high-quality imitation websites to tools with backdoors, hackers have long been full of traps upstream and downstream of user airdrop process.Therefore, in this issue, we will explain the relevant risks by analyzing some typical airdrop scams to help everyone avoid pitfalls.

What is airdrop

In order to increase the popularity of the project and realize the accumulation of early users, Web3 project parties often distribute tokens to specific wallet addresses for free. This behavior is called “airdrop”.For the project party, this is the most direct way to get users.Depending on how to obtain airdrops, airdrops can usually be divided into the following categories:

  • Task type: Complete tasks specified by the project party, such as forwarding, like, etc.

  • Interactive type: Complete operations such as token exchange, token issuance and collection, and cross-chain.

  • Holding type: Hold tokens specified by the project party to obtain airdrop tokens.

  • Pledge type: Obtain airdrop tokens through single or dual currency pledge, providing liquidity or long-term lockout.

Risks when dropping airspace

Fake airdrop scam

Such scams can be subdivided into the following types:

1. Hackers stole the project party’s official account and posted a message of fake airdrops.We can often see security reminder on the information platform that “the X account or Discord account of a certain project has been hacked, please do not click on the phishing link posted by the hacker.”According to the data from the Blockchain Security and Anti-Money Laundering Report in the first half of 2024, in the first half of 2024 alone, there were 27 incidents of the project party’s account being hacked.Users click on these links based on their trust in their official accounts, and are then directed to a phishing website disguised as airdrops.Once a private key/mnemonic is entered on the phishing website or the relevant permissions are authorized, the hacker can steal the user’s assets.

2. Hackers use high-quality project party accounts to swipe messages in the comment area of ​​the project party’s official real account, post messages about receiving airdrops, and induce users to click on the phishing link.Previously, the Slow Fog Security Team analyzed this method and put forward response suggestions, to see the real and fake project parties | Beware of high imitation number fishing in the comment area; in addition, after the real project parties release the airdrop news, hackers will follow closely,Use high-quality imitation accounts on social platforms to publish large quantities of dynamics containing phishing links. Many users have installed fake APPs or opened phishing websites for signature authorization because they did not carefully identify them.

(https://x.com/im23pds/status/1765577919819362702)

3. The third fraud routine is even more abominable. They are definitely scammers. They lurk in the group of Web3 projects, select target users to conduct social engineering attacks, and sometimes use airdrops as bait to “teach” users to transfer tokens as required to obtainairdrop.Please be vigilant and don’t easily believe netizens who actively contact your “official customer service” or “teach” you how to operate. These people are most likely to be scammers. You just want to get an airdrop, but you suffer heavy losses.

“Free” airdrop tokens

The beginning mentioned that users often need to complete some kind of task to obtain airdrops. Let’s take a look at the situation of “free” user tokens.Hackers will airdrop tokens that have no actual value to the user’s wallet, and users see these tokens and may try to interact with them, such as transferring, viewing, or trading on a decentralized exchange.However, we reversely analyze a Scam NFT smart contract and found that it will fail when trying to pledge an order or transfer this Scam NFT, and then an error message “Visit website to unlock your item” is displayed, inducing users to visit the phishing website.

If a user visits a Scam NFT-booted phishing website, the hacker may do the following:

  • Bulk “zero yuan purchase” valuable NFT, see “zero yuan purchase” NFT phishing analysis

  • Take away Approve authorization or Permit signature from a high-value Token

  • Take away the native assets

Next, let’s see how hackers steal users’ Gas fees through a well-designed malicious contract.

First, the hacker created a malicious contract called GPT on BSC (0x513C285CD76884acC377a63DC63A4e83D7D21fb5) to attract users to interact by airdropping tokens.

When the user interacts with the malicious contract, a request appears to require approval of the contract to use the tokens in the wallet.If the user approves this request, the malicious contract will automatically increase the Gas limit based on the balance in the user’s wallet, which will cause subsequent transactions to consume more Gas fees.

Malicious contracts use excess Gas tokens (CHI tokens can be used for Gas compensation) using high Gas provided by users.After a malicious contract accumulates a large number of CHI tokens, hackers can obtain Gas compensation returned when the contract is destroyed by burning CHI tokens.

(https://x.com/SlowMist_Team/status/1640614440294035456)

In this way, hackers skillfully use users’ Gas fees to make a profit for themselves, and users may not realize they have paid the additional Gas fees.Users thought they could make profits by selling airdrop tokens, but their native assets were stolen.

Tools with backdoors

(https://x.com/evilcos/status/1593525621992599552)

During the airdrop process, some users need to download plug-ins such as translation or query token rarity. The security of these plug-ins is questionable, and some users do not download them from the official channel when downloading the plug-in, which makes it possible to download it with a backdoor.The possibility of plugins is greatly increased.

In addition, we have also noticed that there are services for selling airspace drop scripts online, claiming that automatic batch interaction can be completed by running scripts, which sounds quite efficient, but please note that downloading uncensored and verified scripts is extremely risky becauseYou can’t determine the source of the script and its real functionality.Scripts may contain malicious code, potential threats include stealing private keys/mnemonics or performing other unauthorized operations.Moreover, some users did not install or close antivirus software when performing related types of risk operations, resulting in failure to find that the device was caught in a Trojan, which was damaged.

Summarize

In this guide, we mainly explain to you what risks will be when airspace is encountered by analyzing scams. Many projects now use airdrops as marketing methods. Users can use the following measures to reduce the possibility of assets being damaged during airspace.:

  • Verification by multiple parties. When visiting the airdrop website, please check the URL carefully. You can confirm it through the project’s official account or announcement channel. You can also install a phishing risk blocking plug-in (such as Scam Sniffer) to assist in identifying the phishing website.

  • Wallet hierarchical, used by airspace wallets to store small amounts of funds, and put large amounts of funds in cold wallets.

  • Be vigilant about airdrop tokens received from unknown sources and do not easily perform authorization/signature operations.

  • Pay attention to check whether the Gas limit of the transaction is abnormally high.

  • Use well-known antivirus software, such as Kaspersky, AVG, etc., to keep real-time protection on and update the latest virus database at any time.

    • jakiro

    Related Posts

    Berachain announces $632 million BERA airdrop plan and launches main network
    Berachain announces $632 million BERA airdrop plan and launches main network

    Author: Tom Mitchelhill, CoinTelegraph; Compiled by: Tao Zhu, Bitchain Vision The Berachain Foundation, an organization supporting the Liquidity Proof Layer 1 blockchain, has announced its airdrop plan for native BERA…

    Continue reading
    VC coins airdrop and a brilliant technology dream
    VC coins airdrop and a brilliant technology dream

    Source: X, Rui@YueiZhang In the cycle from 2022 to 2024, the model of strong VC endorsement + large airdrop to “community” + first-time coins has become the mainstream trend in…

    Continue reading

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You Missed

    People

    Can Trump fire Powell?What economic risks will it bring?

    • By jakiro
    • April 18, 2025
    • 1 views
    Can Trump fire Powell?What economic risks will it bring?
    Research Report

    Glassnode: Are we experiencing a bull-bear transition?

    • By jakiro
    • April 18, 2025
    • 0 views
    Glassnode: Are we experiencing a bull-bear transition?
    Research Report

    The Post Web Accelerator’s first batch of 8 selected projects

    • By jakiro
    • April 17, 2025
    • 13 views
    The Post Web Accelerator’s first batch of 8 selected projects
    Bitcoin

    Which one is more “just” between Nubit, Babylon and Bitlayer?

    • By jakiro
    • April 17, 2025
    • 10 views
    Which one is more “just” between Nubit, Babylon and Bitlayer?
    Encyclopedia

    Golden Encyclopedia | How did the trade war affect stocks and crypto markets?

    • By jakiro
    • April 17, 2025
    • 8 views
    Golden Encyclopedia | How did the trade war affect stocks and crypto markets?
    Encyclopedia

    Golden Encyclopedia | Is BTC a safe haven during the trade war?

    • By jakiro
    • April 16, 2025
    • 11 views
    Golden Encyclopedia | Is BTC a safe haven during the trade war?
    Home
    News
    School
    Search