A Reddit user by the name of “seraf1990” He warned of a “copy and paste” cryptocurrency scam that replaced a wallet address copied from Coinbase with one that belonged to the alleged fraudsters. According to seraf1990, lost Bitcoin (BTC) worth around $ 350, Money that he said was intended to pay his rent for the next month.
The post explains that seraf1990 tried to withdraw some of its funds in BTC by transferring them from Binance to its Coinbase account. After copying the exchange’s Bitcoin wallet address, he pasted it into the appropriate field on Binance and completed the transaction “without a second thought”. It wasn’t until later that he found out that the address had somehow been changed.
These types of attacks are very common, with one major difference. Often times, if a malicious actor changes your address to their own, the two are fundamentally different, making the vulnerability relatively easy to identify. In the case of seraf1990, however, the first four digits of the two addresses were identical.
Another exacerbation of this problem was the fact that Coinbase only displayed the first five digits of the wallet on the user’s device.
In the post, seraf1990 stated that the device used to carry out the transaction was a Windows PC. Some responses speculated that malware could be behind the scam, although the method has never been directly confirmed.
Cointelegraph reported a similar incident in June. According to the news, cyber criminals pretended to be an encrypted messaging service to steal Bitcoin using the copy and paste feature.