Slow Mist Cosine: Measures such as wallet whitelisting mechanism and two-factor authentication combined with well-known hardware wallets should be used to defend against "transaction record contamination attacks"

Slow Mist Cosine revealed that the phishing method of poisoning addresses with similar first and last numbers is still widespread, seriously affecting the security infrastructure of the blockchain industry. Cosine pointed out that this kind of poisoning of wallet transaction history mainly involves a variety of techniques, including fake token contract code sending false event logs to deceive block browsers and wallets, and using zero-amount transfer event logs to fill in the address in the from/to field at will. These techniques can make users mistakenly believe that the transaction is from their own operation. Other common techniques include sending small amounts of funds to the source address with the same first and last characters, combining clipboard hijacking technology, and impersonating well-known decentralized exchanges to output false event logs.
Cosine suggests that users should make good use of the wallet whitelist mechanism, carefully check the full address, and combine well-known hardware wallets for two-factor authentication.
Previously, it was reported that two addresses were hit by "transaction history contamination attacks" in the past 14 hours, with a total loss of more than 140,000 US dollars.