'Forged' ERC20 transactions initiated by another address showing in history #7906
Labels
bug
Something isn't working as expected
Comments
|
@jonsats Trezor Suite has already this functionality since the February release. https://trezor.io/support/a/address-poisoning-attacks |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
and others
Description:
Attacker(s) are initiating sponsored ERC20 transactions in an attempt to trick users to sending funds to an address the attacker owns. These sponsored transactions are appearing in history to make it look like the user has sent ERC20s to the attacker's address previously.
etherscan/ethvalidate#121
Expected Behavior:
Account history should filter out / grey out / or alert users to a sponsored transaction so they don't think their account has been hacked, and to reduce the chance they send to the wrong address.
The text was updated successfully, but these errors were encountered: