UPDATE – I didn’t get any malware, I got Address Poisoning Attacked




I recently made a post (https://www.reddit.com/r/CryptoCurrency/comments/105kx22/i_just_got_phished_for_5k_in_the_worst_possible/) in which I initially thought I had gotten malware or a virus which changed my wallet address while pasting. However, after reading many articles and recalling what happened, I can assure you that it was an Address Poisoning Attack.

What is an Address Poisoning Attack: It is an attack in which the attacker sends a spoof transaction from my own wallet address to my previously used address where I sent USDT/USDC/ETH etc.

In my case, they sent transactions from my own address (using a smart contract) to their fake addresses, which look exactly similar to mine at first look.

This is what I saw in my ledger: https://i.imgur.com/DRQEyUr.png

On 1st Jan, 2023 at 1:33 PM, I sent 5000 USDT to Binance.

After that, I got 7 spoof transactions, all of which were sent to an address similar to the real Binance address.

This is what a transaction looks like when clicked: https://i.imgur.com/xAQAs45.png

So, I clicked this transaction and copied the To account and pasted it in my ledger.

Today at 2:25 PM, I sent 5000 USDT to Binance; little did I know that it wasn’t the real one.

Now, this is my own fault. In my defense, I will say that I always sent any amount by checking the first 4 digits and last 4 digits of my wallet address. I have been using this Binance Address since 2021 and I remember the last 4 digits by heart.

Until today, I never knew Vanity Address Generation is possible in Ethereum. It was a very smart attack by the attackers and now I am feeling like a fool.

I am just posting it here so that all of you can learn from my $5000 mistake. I am not going to get it back as the hacker used Tornado.cash to add MATIC balance to their addresses.

If anyone wants to help me a little bit, you know my wallet. I would appreciate it.
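The post describes a destination check limited to the first 4 and last 4 digits, which a vanity-generated address passes. The following is an added example, not part of the original post: it compares the full address against a saved address book and flags history entries that only imitate a saved address. All addresses, labels and function names are constructed for illustration.

```python
import re

ADDR_RE = re.compile(r"0x[0-9a-fA-F]{40}")

def normalize(addr):
    """Validate a 20-byte hex address and lowercase it for comparison.
    (The EIP-55 mixed-case checksum is not verified here.)"""
    addr = addr.strip()
    if not ADDR_RE.fullmatch(addr):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return addr.lower()

def classify(dest, trusted, n=4):
    """Return (verdict, label): 'trusted' on a full match, 'lookalike' when
    only the first n and last n hex digits match a saved address, else 'unknown'."""
    d = normalize(dest)
    lookalike = None
    for label, addr in trusted.items():
        t = normalize(addr)
        if d == t:
            return ("trusted", label)
        if d[2:2 + n] == t[2:2 + n] and d[-n:] == t[-n:]:
            lookalike = label  # same ends, different middle
    return ("lookalike", lookalike) if lookalike else ("unknown", None)

def poisoned_entries(history, trusted, n=4):
    """Return history rows whose 'to' address imitates a saved address."""
    return [r for r in history if classify(r["to"], trusted, n)[0] == "lookalike"]

# Constructed sample data (not real addresses).
REAL = "0x28c6" + "ab" * 16 + "1d60"
FAKE = "0x28c6" + "cd" * 16 + "1d60"   # same first 4 / last 4 digits
OTHER = "0x" + "9f" * 20
ADDRESS_BOOK = {"exchange-deposit": REAL}
HISTORY = [
    {"token": "USDT", "amount": 5000, "to": REAL},
    {"token": "USDT", "amount": 5000, "to": FAKE},   # spoofed entry
    {"token": "USDT", "amount": 12, "to": OTHER},
]

if __name__ == "__main__":
    for row in HISTORY:
        print(row["to"], classify(row["to"], ADDRESS_BOOK))
```

Copying the destination from the saved address book instead of from transaction history, and refusing to send on a `lookalike` verdict, closes the gap that the 4+4 digit check leaves open.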

