Jump to content

Sent to wrong address, Please help!


Recommended Posts

Im always nervous about the stupid way we have to buy XRP but now I know why so many do not even try.  I bought $550 ETH on coinbase, used the copy and paste feature on binance to send it there. I checked the first 2 digits and last 2 like I have for many transactions before then the email I receive from coinbase tells me that I haven't previously used this address.  I review the address and some info in the middle is different, wtf just happened and is there anything I can do. I cant figure out how most the address is the same with info in the middle jacked up (thinking I accidently clicked on an address that wasn't etherium).  I feel sick to my stomach, is there anything I can possibly do to fix this?

Link to comment
Share on other sites

  • Replies 2
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Have you used that deposit address before (the real one)? I wonder if this is an advanced form of clipboard hijacking.

You could have some malware sitting on your computer watching your clipboard, programmed to recognise ETH addresses that you use. The first time you use an address, it sends it back home, where a new, similar address is generated. XRP vanity addresses with four specified characters can apparently be created in about an hour by a desktop PC. I don't know if ETH addresses are as easy to brute force, but I would not be surprised if they are.

Then the attacker sends the new, similar address back to your malware, and it waits until the next time you copy the original address to the clipboard, then overwrites it with the new address. You don't notice when you paste it because the first and last two characters are the same.

If such an attack could be automated and deployed widely, that would be quite lucrative for the attacker; I wonder how many characters most people check when copying addresses.

The above is just speculation on my part, I don't know if such a sophisticated attack exists yet.

Unfortunately you can't do anything to get it back unless you can track down the owner of the address and ask (impossible unless it's a well known exchange address or similar).

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...