Florence Finance, a credit project based on real-world assets, recently fell victim to a complex phishing attack that resulted in approximately 1.45 million USDC loss. The attack, carried out using address poisoning technique, highlighted the security vulnerabilities faced by crypto projects and emphasized the urgency of advanced security measures in the digital finance sector.
Address poisoning, an identity theft technique commonly encountered in the crypto space, played a significant role in the Florence Finance attack. Such attacks can lead to traffic redirection, service interruptions, or unauthorized access to sensitive data by manipulating user behavior.
Attackers often exploit vulnerabilities in the system infrastructure by manipulating routing tables or injecting incorrect data. By compromising the integrity and functionality of the system, they can cause serious consequences such as data breaches or service disruptions.
Defending against address poisoning attacks requires constant vigilance, strong cybersecurity measures, and the ability to detect and mitigate potential threats in real-time. Meir Dolev, co-founder and CTO of Cyvers, explained that this technique involves creating a wallet address that closely mimics a legitimate address used by the victim.
The attacker relies on human error and tricks users into selecting the fake address by subtly changing a few characters of the original address, causing people to unknowingly send money to the attacker’s wallet.