With Trail to Follow: Measurements of Real-world Non-fungible Token Phishing Attacks on Ethereum
arxiv(2023)
摘要
With the popularity of Non-Fungible Tokens (NFTs), NFTs have become a new
target of phishing attacks, posing a significant threat to the NFT trading
ecosystem. There has been growing anecdotal evidence that new means of NFT
phishing attacks have emerged in Ethereum ecosystem. Most of the existing
research focus on detecting phishing scam accounts for native cryptocurrency on
the blockchain, but there is a lack of research in the area of phishing attacks
of emerging NFTs. Although a few studies have recently started to focus on the
analysis and detection of NFT phishing attacks, NFT phishing attack means are
diverse and little has been done to understand these various types of NFT
phishing attacks. To the best of our knowledge, we are the first to conduct
case retrospective analysis and measurement study of real-world historical NFT
phishing attacks on Ethereum. By manually analyzing the existing scams reported
by Chainabuse, we classify NFT phishing attacks into four patterns. For each
pattern, we further investigate the tricks and working principles of them.
Based on 469 NFT phishing accounts collected up until October 2022 from
multiple channels, we perform a measurement study of on-chain transaction data
crawled from Etherscan to characterizing NFT phishing scams by analyzing the
modus operandi and preferences of NFT phishing scammers, as well as economic
impacts and whereabouts of stolen NFTs. We classify NFT phishing transactions
into one of the four patterns by log parsing and transaction record parsing. We
find these phishing accounts stole 19,514 NFTs for a total profit of 8,858.431
ETH (around 18.57 million dollars). We also observe that scammers remain highly
active in the last two years and favor certain categories and series of NFTs,
accompanied with signs of gang theft.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要