Open AccessPosted Content
Characterizing Cryptocurrency Exchange Scams
Reads0
Chats0
TLDR
This paper identifies over 1,500 scam domains and over 300 fake apps, by collecting existing reports and using typosquatting generation techniques, and characterize the impacts of such scams, revealing that they have incurred financial loss of 520k US dollars at least.Abstract:Â
As the indispensable trading platforms of the ecosystem, hundreds of cryptocurrency exchanges are emerging to facilitate the trading of digital assets. While, it also attracts the attentions of attackers. A number of scam attacks were reported targeting cryptocurrency exchanges, leading to a huge mount of financial loss. However, no previous work in our research community has systematically studied this problem. In this paper, we make the first effort to identify and characterize the cryptocurrency exchange scams. We first identify over 1,500 scam domains and over 300 fake apps, by collecting existing reports and using typosquatting generation techniques. Then we investigate the relationship between them, and identify 94 scam domain families and 30 fake app families. We further characterize the impacts of such scams, and reveal that these scams have incurred financial loss of 520k US dollars at least. We further observe that the fake apps have been sneaked to major app markets (including Google Play) to infect unsuspicious users. Our findings demonstrate the urgency to identify and prevent cryptocurrency exchange scams. To facilitate future research, we have publicly released all the identified scam domains and fake apps to the community.read more
Citations
More filters
Journal ArticleDOI
Cryptocurrencies and future financial crime
Arianna Trozze,Josh Kamps,Eray Arda Akartuna,Florian Hetzel,Bennett Kleinberg,Toby Davies,Shane D. Johnson +6 more
TL;DR: In this paper , a review of the current state of knowledge about what kinds of cryptocurrency fraud currently exist, or are expected to exist in the future, and provides comprehensive definitions of the frauds identified.
Journal ArticleDOI
Applications of deep learning for phishing detection: a systematic literature review
TL;DR: In this paper , the authors performed a systematic literature review (SLR) to identify, assess, and synthesize the results on deep learning approaches for phishing detection as reported by the selected scientific publications.
Posted Content
Tracking Counterfeit Cryptocurrency End-to-end.
TL;DR: By analyzing over 190K ERC-20 tokens (or cryptocurrencies) on Ethereum, this paper has identified $2,117$ counterfeit tokens that target 94 of the 100 most popular cryptocurrencies and devised techniques to identify such scams.
Posted Content
DEPOSafe: Demystifying the Fake Deposit Vulnerability in Ethereum Smart Contracts
TL;DR: This paper implements DEPOSafe, an automated tool to detect and verify (exploit) the fake deposit vulnerability in ERC-20 smart contracts, and identifies over 7,000 vulnerable contracts that may suffer from two types of attacks.
Proceedings ArticleDOI
Rotten Apples Spoil the Bunch: An Anatomy of Google Play Malware
TL;DR: An in-depth analysis of Android malware that bypassed the strictest defenses of the Google Play application store and penetrated the official Android market between January 2016 and July 2021 is provided.
References
More filters
Book ChapterDOI
A Survey of Attacks on Ethereum Smart Contracts SoK
TL;DR: This work analyses the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities, and shows a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.
Proceedings ArticleDOI
Detecting Ponzi Schemes on Ethereum: Towards Healthier Blockchain Technology
TL;DR: By verifying smart contracts on Ethereum, this paper first extracts features from user accounts and operation codes of the smart contracts and then builds a classification model to detect latent Ponzi schemes implemented as smart contracts, and shows that the proposed approach can achieve high accuracy for practical use.
Proceedings ArticleDOI
Understanding Ethereum via Graph Analysis
TL;DR: This paper designs a new approach to collect all transaction data, constructs three graphs from the data to characterize major activities on Ethereum, and proposes new approaches based on cross-graph analysis to address two security issues in Ethereum.
Proceedings ArticleDOI
Data Mining for Detecting Bitcoin Ponzi Schemes
TL;DR: In this article, the authors apply data mining techniques to detect Bitcoin addresses related to Ponzi schemes, which are fraudulent investments which repay users with the funds invested by new users that join the scheme, and implode when it is no longer possible to find new investments.
Journal ArticleDOI
Dissecting Ponzi schemes on Ethereum: Identification, analysis, and impact
TL;DR: A comprehensive survey of Ponzi schemes on Ethereum, analysing their behaviour and their impact from various viewpoints shows that they still make users lose money, but at least are guaranteed to execute "correctly".