Recent record network activity on Ethereum could be partially linked to a wave of address poisoning attacks taking advantage of extremely low gas fees, according to security researcher Andrey Sergeenkov.
Cointelegraph reported on Friday that network activity retention nearly doubled to 8 million addresses in a month, while daily transactions hit an all-time high of almost 2.9 million.
The week starting Jan. 12 saw 2.7 million new addresses, which is 170% higher than typical values. Daily transactions surged to over 2.5 million during this period, Sergeenkov noted.
However, Sergeenkov stated that the uptick could be attributed to a type of mass spam attack known as “address poisoning.” This attack method has become more economical following the December Fusaka Ethereum network upgrade, which significantly reduced transaction fees.
Network fees fell more than 60% in the weeks that followed the upgrade in early December.
“Address poisoning has become disproportionately attractive for attackers,” said the researcher. He added, “you can't scale infrastructure without addressing user security first!”
$740,000 Lost in Address Poisoning Attacks
Address poisoning involves sending small transactions from wallet addresses that are designed to resemble legitimate ones. This tactic aims to dupe users into copying the wrong address when making a transaction, leading to fund loss.
The researcher analyzed small stablecoin transactions and found that 67% of new addresses receive less than $1 in their first transaction.
Automated smart contracts are used to distribute tiny amounts of stablecoins to millions of addresses. Consequently, 3.8 million addresses received such “dust” as their initial transaction.
“These poisoning addresses then distribute dust to millions of potential victims, creating false entries in transaction histories.”
To date, over $740,000 has been stolen through these methods from 116 victims, Sergeenkov reported.
