Months ago, when I was new to crypto, I connected my Metamask wallet to a site to withdraw some funds. I did this a few times actually without issues. It seemed as reliable as any exchange – pancake swap, 1inch, uniswap, raydium, etc…
The site was even verified by Haze crypto when I used it months ago, but it has since been updated and now warns of the site as a scam. I’m unsure if I’m allowed to post the name of the exchange site, a mod can tell me if it’s ok. I actually hadn’t even used the site this year.
The scammers were patient. They waited until the wallet had more funds in it than it did when first connected. Around $1400 BUSD worth.
How did it happen?
I found the transaction on bscscan and traced the wallet address back to the exchange site. I remembered using it once last year, but not much more. So I decided to create another wallet and conducted some tiny transactions to try to figure out how the scam worked.
This is what I believe happened.
The wallet was connected to the exchange like any other. The exchange was audited and seemed legit. I performed a tiny transaction of some BUSD and the approval request from Metamask appeared. Looking carefully, I noticed that the approval button was designed to approve THREE (3) transactions. One was the transaction I had made, but one of the other transactions was an authorisation for the exchange to withdraw up to $100000000 BUSD!
What the hell? I never noticed a transaction like that before. I checked my main Metamask and found the same type of authorisation last year. Shit. Somehow hidden among normal transactions I had approved a request to allow this exchange to withdraw funds whenever they fucking wanted. All they had to do was watch my wallet transactions and determine a point when they thought I currently had a lot more money than usual stored.
How to prevent in the future?
Naturally, I was concerned that I had conducted similar type transaction approval requests in the past, so I started to research how to check who/what else has access to my wallet. I fortunately found nothing else of concern. But I wanted to share how to check it for yourselves.
Firstly, make sure that existing connected sites are accurate.
Anything you don’t use anymore, or worse, don’t recognise should be immediately removed. This is easy to do. Open your wallet, click the three dots and select ‘connected sites’, browse through the list and revoke anything that you don’t want.
Secondly, revoke any tokens. This is likely something very few people do. And this is how I got scammed.
For Ethereum Mainnet/Binance Smart Chain, visit the site token checker on ethscan/bscscan. Enter your ETH/BSC wallet address and browse through the list. Revoke anything you no longer use.
submitted by /u/Educational_Rope_703
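The kind of check the post describes can be done on the raw calldata before signing. The following is an added example, not part of the original post: it decodes a batch of ERC-20 requests and lists allowance grants larger than the amount the user means to spend. The function names, the constructed addresses and the 18-decimal token unit are assumptions made for the illustration.

```python
# Added example: flag ERC-20 allowance grants hidden in a batch of signing requests.
SELECTORS = {
    "095ea7b3": "approve",            # approve(address,uint256)
    "39509351": "increaseAllowance",  # increaseAllowance(address,uint256)
    "a9059cbb": "transfer",           # transfer(address,uint256)
}
MAX_UINT256 = 2**256 - 1

def encode_call(selector, address, amount):
    """Build calldata: 4-byte selector + two 32-byte ABI words (address, uint256)."""
    return "0x" + selector + address[2:].lower().rjust(64, "0") + format(amount, "064x")

def decode_call(data):
    """Return (function name, address, amount), or None for any other calldata."""
    h = data[2:].lower() if data.startswith("0x") else data.lower()
    if len(h) != 136 or h[:8] not in SELECTORS:
        return None
    return SELECTORS[h[:8]], "0x" + h[32:72], int(h[72:], 16)

def flag_allowances(requests, intended_tokens, decimals=18):
    """List allowance grants larger than the amount the user means to spend."""
    findings = []
    for index, data in enumerate(requests):
        call = decode_call(data)
        if call is None or call[0] == "transfer":
            continue  # only allowance grants let a spender pull funds later
        name, spender, raw = call
        if raw > intended_tokens * 10**decimals:
            findings.append({"index": index, "function": name, "spender": spender,
                             "tokens": raw // 10**decimals,
                             "unlimited": raw == MAX_UINT256})
    return findings

# Constructed sample mirroring the post: three requests behind one approval prompt.
SPENDER = "0x" + "ab" * 20    # constructed address, not a real contract
RECIPIENT = "0x" + "cd" * 20  # constructed address
UNIT = 10**18                 # assumption: the token uses 18 decimals
SAMPLE = [
    encode_call("a9059cbb", RECIPIENT, 5 * UNIT),          # the intended transfer
    encode_call("095ea7b3", SPENDER, 5 * UNIT),            # allowance matching it
    encode_call("095ea7b3", SPENDER, 100_000_000 * UNIT),  # the oversized allowance
]

if __name__ == "__main__":
    for finding in flag_allowances(SAMPLE, intended_tokens=5):
        print(finding)
```

An allowance stays in force until it is set back to zero, which is why revoking old approvals matters even for sites that are no longer connected.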