Research Summary

The report discusses the increasing fraud risks associated with the launch of Web3 wallets by trading platforms like OKX and Binance. It highlights the blurring boundaries between centralized exchanges and decentralized Web3, and the subsequent rise in cryptocurrency scams. The report cites several fraud cases involving built-in wallets, including the "fake BNB yield" fraud, the "holding USDT mining L1 token" scam, and the "selling fake USDT" scam.

Key Takeaways

Integration of CeFi and DeFi

  • Blurring Boundaries: The report notes that the launch of Web3 wallets by trading platforms like OKX and Binance signifies the integration of Centralized Finance (CeFi) and Decentralized Finance (DeFi). This integration is blurring the boundaries between centralized exchanges and decentralized Web3.
  • Increased Fraud Risks: While this integration is seen as an industry trend, it is also increasing the risk of cryptocurrency fraud. The report warns that the integration shortens the path for cryptocurrency criminal groups, reduces the cost of trust-building, and exacerbates fraud risks.

Web3 Wallet Fraud Cases

  • Fake BNB Yield Fraud: The report cites a case where fraudulent groups impersonate official exchange personnel and conduct promotional activities for what they claim to be the platform’s mining pool contract (ETH/BNB). Users are promised that they will automatically receive BNB, with returns of 8%-15% based on the amount of ETH sent. The contract actually returns fake tokens, which cannot be exchanged on the exchange.
  • Holding USDT Mining L1 Token Scam: In this scam, perpetrators promise high returns in stablecoin mining, offering BNB/OKB/HT/TRX and other public chain tokens in exchange for holding a certain amount of USDT in the wallet. However, this is merely a lure to trick users into interacting with maliciously authorized contracts, leading to opportunistic theft.
  • Selling Fake USDT Scam: Fraud groups sell fake tokens through various channels, presenting them as discounted USDT and other tokens. This type of fraud has resulted in widespread user losses. Among stablecoins with large circulation and a broad audience, USDT is the most susceptible to impersonation.

Increased Fraud Risk in Trading Platform Integrated Wallets

  • Official Background: The report notes that built-in wallets have an official background, which reduces the difficulty for fraud groups to convert users. Users inherently trust wallets that can transfer assets between centralized platform accounts.
  • Lack of Effective Guidance: New crypto users often lack understanding of the risks associated with on-chain interactions. In the absence of sufficient education and guidance, users exploring the “dark forest” of cryptocurrencies alone become easy targets for phishing attacks, arbitrage scams, and other fraudulent schemes.
  • Permissionless Nature: The fraud risk behind Web3 wallets comes not from the operators but from the inherently permissionless nature of cryptocurrency wallets. Open and highly anonymous online spaces are easily exploited for illegal activities. Trading platform Web3 wallets, backed by massive user traffic, will face more severe security challenges in the future.

Actionable Insights

  • Enhance User Education: Trading platforms should add more tutorials and guidance within the app. Before users create Web3 wallets, they should be required to watch tutorials and related videos that teach on-chain security knowledge, and to complete risk investigation questionnaires on common on-chain interaction scams.
  • Implement Restrictions for New Users: Newly registered exchange users should not have the ability to transfer assets from the exchange to the Web3 wallet with a single click. Large fund transfers should require identity verification and secondary confirmation.
  • Integrate Third-Party Threat Intelligence Data: Trading platforms should share threat intelligence data with third-party security organizations like Bitrace. This will enable features such as risk authorization reminders for integrated Web3 wallets, cancellation of risky contracts, and new threat pop-ups to enhance new users’ ability to deal with threats.
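
The "risk authorization reminder" recommended above can be sketched as a check a wallet runs before the user signs: it flags a token that reuses the USDT symbol under a different contract address and an ERC-20 `approve` call that grants an unlimited allowance to an unvetted spender. This is an added example, not code from the report, Bitrace, or any exchange; the lists, function names, and all addresses are constructed placeholders.

```python
# Added illustration. Every address below is a constructed placeholder, not a real contract.
APPROVE_SELECTOR = "095ea7b3"   # ERC-20 approve(address,uint256)
MAX_UINT256 = 2**256 - 1        # the usual "unlimited" allowance value

# Hypothetical lists a wallet would load from its own or a third-party intelligence feed.
CANONICAL_TOKENS = {"USDT": "0x" + "11" * 20}
TRUSTED_SPENDERS = {"0x" + "22" * 20}
FLAGGED_SPENDERS = {"0x" + "bb" * 20}

def build_approve(spender, amount):
    """Encode approve(spender, amount) calldata (used here to construct sample input)."""
    return "0x" + APPROVE_SELECTOR + spender[2:].lower().rjust(64, "0") + format(amount, "064x")

def decode_approve(calldata):
    """Return (spender, amount) for well-formed approve calldata, else None."""
    data = calldata.lower()
    data = data[2:] if data.startswith("0x") else data
    if len(data) != 136 or data[:8] != APPROVE_SELECTOR:
        return None
    if data[8:32] != "0" * 24:          # address word must be left-padded with zeros
        return None
    try:
        return "0x" + data[32:72], int(data[72:136], 16)
    except ValueError:                  # non-hex characters in the amount word
        return None

def review_approval(token_symbol, token_address, calldata):
    """Return the warnings a wallet would show before the user signs."""
    warnings = []
    canonical = CANONICAL_TOKENS.get(token_symbol.upper())
    if canonical and token_address.lower() != canonical:
        warnings.append("token-impersonation")   # familiar symbol, wrong contract
    decoded = decode_approve(calldata)
    if decoded is None:
        return warnings
    spender, amount = decoded
    if spender in FLAGGED_SPENDERS:
        warnings.append("flagged-spender")
    elif spender not in TRUSTED_SPENDERS:
        warnings.append("unknown-spender")
    if amount == MAX_UINT256 and spender not in TRUSTED_SPENDERS:
        warnings.append("unlimited-allowance")
    return warnings

if __name__ == "__main__":
    sample = build_approve("0x" + "bb" * 20, MAX_UINT256)   # constructed sample call
    print(review_approval("USDT", CANONICAL_TOKENS["USDT"], sample))
```
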
