Categories: Press Release

Singaporean Blockchain Wallet Security Company Discovers New Type of Scam Targeting Centralized Exchanges

Fraudulent Transactions Exploit Wallet Vulnerability, Could Have Stolen More than $3 Million in TRX

Singapore, 6th August 2024, ZEX PR WIRE, CoinsDo, a Singaporean blockchain asset security company, has uncovered a sophisticated scam involving fake transactions and multiple smart contracts targeting major centralized cryptocurrency exchanges. While only a single successful instance of this scam has been confirmed, further analysis of the smart contracts in question revealed that the perpetrators initiated hundreds of these fake transactions, potentially defrauding exchanges, payment gateways, and centralized wallet companies of more than $3 million USD worth of TRX. 

It is highly possible that both firms who built their own wallet infrastructure as well as major wallet solution providers like Fireblocks are not adequately prepared to detect this type of fraudulent transfers. This presents a major operational loophole to be exploited by malicious actors.

The scam began with the perpetrator initiating a fraudulent TRX transfer to their deposit address on a centralized exchange. Through the use of multiple smart contracts, they were able to trick the exchange’s wallet infrastructure into validating the fraudulent transaction. This led the exchange to credit the equivalent amount of cryptocurrency to the perpetrator’s account, which they promptly liquidated for cash. 

The transaction looks just like a regular, successful transfer via smart contract.

The perpetrator had mass-triggered a smart contract (Smart Contract A) to initiate multiple transfers via a proxy smart contract (Smart Contract B) to roughly 100 end-user deposit addresses on various centralized exchanges

Smart Contract A was programmed to interact with Smart Contract B to initiate transfers as internal transactions, a sophisticated technique allowing the perpetrator to make fraudulent transactions appear legitimate. 

Graphical illustration on how the fraudulent transaction was made

What was so insidious about this fraudulent transaction was the fact that it could only be identified by a single parameter in the transaction data – “rejected”: true.

A tell-tale sign of a fraudulent transaction.

Malicious actors are getting more creative in their ways of stealing funds, targeting previously overlooked loopholes and vulnerabilities instead of private keys. Just look at the recent WazirX and Lmnl case, which resulted in losses over $230 million. This raises the question of whether wallet providers are overly focused on encryption technologies and algorithms, potentially at the expense of more practical security measures.

To better protect yourself from scams like the one mentioned, it is recommended that all wallet solution providers take extra care to verify transaction details, both internal and external, especially when smart contracts are involved. 

Source: https://www.coinsdo.com/en/blog/new-scam-alert-tron

Zex PR Wire

Recent Posts

Franklin Morgan & Associates Successfully Represented in DIAC Arbitration for $113M Award

New York, NY, 1st August 2025, Franklin Morgan & Associates is proud to announce that…

2 hours ago

Mint Miner Launches XRP Cloud Mining Contracts, Opening a Low-Entry, High-Yield Model

New York, USA, 1st August 2025, ZEX PR WIRE, Mint Miner, the world’s leading intelligent cloud mining…

2 hours ago

Moonshot MAGAX Presale Goes Live — Built for Virality, Fueled by Community

California, USA, August 1, 2025, After months of building behind the scenes, Moonshot MAGAX  is…

2 hours ago

Find Mining Rises to the Trend: A Mass Mining Revolution in the $4 Trillion Market

Combining cloud computing with artificial intelligence, Find Mining delivers a secure, efficient, and transparent way…

2 hours ago

XRP has surpassed the $3.60 mark, and Ripplecoin mining allows holders to easily cash in their daily gains.

XRP Enters a Key Breakout Window; Ripplecoin Mining Helps You Start a Crypto Cash Flow…

2 hours ago

Blockchain is booming again, and ETH and XRP holders are using InvroMining to increase their income

London, UK, 31st July 2025, ZEX PR WIRE, As a global leader in blockchain financial…

1 day ago