Diversification: Do not invest all funds in a single token or project, diversifying investments can reduce overall risk and ensure that even if some investments fail, significant losses will not occur.
OKX Web3 Wallet Security Team: Rug pull events are common in blockchain projects, users should be vigilant. For example:
1. Research project background: Before purchasing any token, thoroughly research the project. Understand the project’s vision, team members, whitepaper, roadmap, etc. Look into community discussions about the project to understand others’ opinions.
2. Note warning signs: Some warning signs may indicate that a token is a scam or untrustworthy. For example, anonymous teams, exaggerated promises, lack of transparency, etc. If you notice any warning signs, it is best to stay alert and avoid purchasing such tokens.
3. Use token scanning tools: Utilize token scanning features provided by OKX Web3 Wallet and other platforms. These tools analyze contracts, on-chain activities, community feedback, etc., to detect potential scams in tokens.
4. Review contracts: On Ethereum or other smart contract platforms, you can view the token contract code. Reviewing contracts can help determine the credibility of tokens. Be cautious if the contract code contains suspicious logic or is not open-source.
5. Stay vigilant: Do not easily trust recommendations from strangers or promotional materials in communities. If a project makes overly optimistic promises, be skeptical and maintain rationality.
How users can prevent MEV attacks and avoid fund losses
GoPlus Security Team: To prevent fund losses from MEV (Miner Extractable Value) attacks, users can take the following detailed measures.
1. Use specialized tools
• Anti-MEV feature: Users can enable anti-MEV features in wallets using specially designed transaction tools or plugins. These tools can identify and avoid potential MEV attacks, protecting users’ transactions from miners and other attackers.
• Transaction protection services: Some platforms offer transaction protection services that can split or obfuscate user transactions to reduce the risk of MEV attacks. These services help users execute large transactions more securely.
2. Diversify trading times:
• Avoid peak hours: Avoid conducting large transactions during peak trading hours when MEV attacks are more active. Peak hours usually coincide with significant market volatility or major news releases. Trading during lower volume periods can effectively reduce the risk of attacks.
• Schedule trades: Use scheduled trading features to spread out large transactions across multiple time points, reducing the risk of exposure to MEV attacks in a single transaction.
3. Utilize privacy technologies:
• Privacy nodes: Users can send transactions to privacy nodes (like Flashbots) to ensure transactions are executed normally. Flashbots can send transactions directly to miners, bypassing public transaction pools, thus avoiding MEV attacks. However, this method may slightly slow down transaction confirmation speeds as transactions must wait for block confirmation to verify their status.
• Transaction obfuscation: Use transaction obfuscation techniques to split transactions into smaller amounts and mix them before sending, increasing transaction privacy and reducing the risk of attacks.
4. Diversify strategies:
• Diversify trading: Do not concentrate all trades at the same time or on the same platform, diversify risks to reduce the likelihood of being targeted. By diversifying trades, attackers find it difficult to predict and intercept all transactions, lowering overall risk.
• Use multiple trading platforms: Utilize multiple trading platforms and tools, avoiding conducting all trades on a single platform to reduce the risk of centralized attacks.
5. Choose pools with sufficient LP:
• High liquidity pools: Choose trading token pools with high liquidity and abundant LP (Liquidity Providers) to prevent slippage losses and MEV attacks due to insufficient liquidity. High liquidity pools can absorb large trading volumes, reducing the risk of manipulated trades.
• Review trading depth: Before executing trades, check the depth of the trading pool and the liquidity of the trading pair to ensure smooth transactions without causing significant price fluctuations.
6. Set reasonable slippage tolerance:
• Slippage protection: Set a reasonable slippage tolerance on the trading platform to prevent price deviations from expectations. Setting too high a slippage tolerance increases the risk of MEV attacks, while setting it too low may result in trade failures. Adjust slippage tolerance according to market conditions to achieve optimal protection.
7. Continuously monitor and adjust strategies:
• Trade monitoring: Continuously monitor your trading activities to promptly detect and respond to potential MEV attacks. Use analytical tools and monitoring services to track transaction execution and market reactions.
• Adjust strategies: Based on trade monitoring results and market changes, adjust trading strategies and protection measures promptly to ensure that trades remain secure.
OKX Web3 Wallet Security Team: We have distilled several key points, including:
1. Focus on trading depth and set slippage: Pay attention to trading depth, split large trades into smaller ones, execute multiple times, and set slippage protection to reduce the likelihood of attacks.
2. Use privacy-protecting nodes: Choose RPC nodes with privacy protection features, preventing transactions from being exposed, such as Flashbot privacy RPC nodes.
3. Choose trusted wallets and applications: Use reputable wallets and applications that provide MEV protection (such as the OKX Wallet native DAPP), avoiding unknown or unverified services.
Once a user’s wallet assets are stolen, how to remedy the situation?
GoPlus Security Team: Many users, upon discovering their wallet assets suddenly missing, often lack the experience or methods to handle the situation effectively, leading to further losses of recoverable assets. To help users promptly take the correct actions after their assets are stolen, here are several key remedial measures:
Step One: Transfer remaining tokens in the wallet
• Create a new wallet: Immediately create a new wallet address, ensuring that the new wallet address and private key are secure and not compromised.
• Transfer assets: Swiftly transfer any remaining tokens in the wallet to the newly created wallet to prevent further asset theft.
• Revoke authorizations: Use authorization management tools to revoke any unnecessary smart contract authorizations in the old wallet, further protecting remaining assets.
• Use recovery tools: When necessary, use recovery tools and services to swiftly recover losses. These services can help prioritize asset transfers to avoid being automatically siphoned by hackers monitoring transactions.
Step Two: Identify the root cause of the theft
1. Check devices and accounts
• Device security check: Inspect the device used to access the wallet to ensure no malicious software, viruses, or spyware are present. Conduct a comprehensive scan using trusted antivirus software.
• Account security check: Examine accounts associated with the wallet, such as trading platforms, emails, etc., to ensure they have not been compromised by hackers.
2. Locate the theft reason
• Stolen private key: If the private key is stolen, hackers can gain full control of the wallet and transfer all assets. If an EVM wallet’s private key is leaked, hackers can transfer assets from multiple EVM-compatible chains. Check for signs of private key or mnemonic phrase leakage, such as entering them on phishing websites.
• Deceived authorizations: Check if malicious smart contracts were authorized unknowingly. Use Etherscan or other blockchain explorers to review authorization history and identify abnormal authorizations.
• Malicious signatures: Confirm whether malicious transactions or information were signed. Especially operations signed through DApps or other services, identify unknown or suspicious signatures.
3. Review transaction records:
• Analyze transaction history: Use blockchain explorers (such as Etherscan, BscScan) to view the wallet’s transaction records, identify suspicious transactions and unclear fund movements.
• Gather evidence: Record detailed information on suspicious transactions, including transaction IDs, timestamps, counterparty addresses, etc., to provide evidence for subsequent reporting and investigations.
Step Three: Report and file a case
1. Report to authorities
• Contact local law enforcement: Immediately contact local law enforcement agencies to report the wallet asset theft incident. Provide detailed transaction records and evidence to help authorities understand the case.
• Initiate an investigation: Fill out necessary forms and documents as per law enforcement requirements to ensure the case is officially filed. Provide as many clues and evidence as possible to assist authorities in their investigation.
2. Maintain communication
• Follow up regularly: Stay in touch with law enforcement to monitor the progress of the case, providing any new leads or information.
• Assist in the investigation: Cooperate actively with law enforcement investigations, providing any required information and support.
Step Four: Seek professional assistance and freeze stolen funds based on fund tracing
1. Contact professional security organizations
• Professional assistance: Reach out to blockchain security companies or professional security organizations to request their help. These organizations can provide technical support to track and analyze the flow of stolen funds.
• Trace funds: Use professional blockchain analysis tools to track the flow of stolen funds, identify the exchanges involved in fund flow, and the final receiving addresses.
2. Request exchanges to freeze funds
• Contact exchanges: Reach out to exchanges involved in the flow of stolen funds, providing detailed transaction records and evidence, requesting their assistance in freezing the stolen funds.
• Provide evidence: Submit police case evidence, transaction records, and analysis reports to exchanges, proving the funds are stolen assets, and request cooperation to freeze them.
• Follow up: Maintain communication with exchanges, regularly follow up on the progress of frozen funds, ensuring a swift recovery of stolen assets.
OKX Web3 Wallet Security Team: When a blockchain user’s wallet assets are stolen, remedial measures may be limited as the decentralized and immutable nature of blockchain makes transactions irreversible once confirmed. Here are some possible remedial measures:
1. Take immediate action
1) Analyze the cause of the theft
• If authorized to a hacker’s address, immediately revoke authorization on the platform.
• If the private key is leaked, conduct a comprehensive security check, identify the cause of the private key leakage, reinstall the system, and change the wallet.
2) Asset rescue
• If there are still some remaining assets in the wallet or assets in DeFi projects, asset rescue can be conducted to minimize losses.
3) Track fund movement
• Seek assistance from white hat hackers or security community members to monitor the flow of funds. If funds are found to move to an exchange, you can request the freezing of their account.
2. Report to relevant authorities
1) Report the issue to wallet customer service
2) File a police report, report the theft incident to authorities, providing all relevant information. This information can help users freeze exchange accounts when funds are found to flow to exchanges.
3. Seek help from the blockchain community
1) Post announcements on blockchain social media platforms like Twitter, where the community may assist in tracking and stopping the flow of stolen funds.
2) Offer rewards to incentivize white hat hackers or community members to help recover assets.
4. Prevention
1) Engage in educational training to learn more about how to protect oneself from future attacks.
2) Use cold wallets to store a significant portion of assets offline.
3) Securely backup keys
In conclusion, while the characteristics of blockchain technology make recovering stolen assets challenging, taking swift action and implementing various remedial measures can help minimize losses and mitigate future risks.
Finally, thank you for reading the OKX Web3 Wallet “Security Special Edition” column in the 6th issue. We will summarize the content of the “Security Special Edition” series in the final issue, which will include real cases, risk identification, and practical security operations. Stay tuned!
Disclaimer:
This article is for reference only. This article does not intend to provide (i) investment advice or recommendations; (ii) solicitations or solicitations to buy, sell, or hold digital assets; or (iii) financial, accounting, legal, or tax advice. Holding digital assets (including stablecoins and NFTs) involves high risks, which can fluctuate significantly, even becoming worthless. You should carefully consider whether trading or holding digital assets is suitable for you based on your financial situation. Please take responsibility for understanding and complying with relevant local laws and regulations.
