Ice Phishing Threat to the ERC-20 Tokens on the Blockchain

The worldwide evolution of blockchain has happened rapidly. In the business world, blockchain is witnessing expanded adoption due to its efficiency in digital identity verification, and the safe transfer of both data and funds through smart contracts.
Smart contracts have enterprise applications within the food services, economic, healthcare, administration, and manufacturing industries, among others. While smart contracts are routinely audited by blockchain security firms like Halborn, they are also susceptible to phishing attacks.
Cryptocurrency and blockchain enthusiasts usually say cryptocurrency is a safer option than other digital payment modes. While the blockchain does have numerous cybersecurity benefits, it isn’t immune to scams and it certainly isn’t unhackable. The rise of new threats like ice phishing emphasizes these vulnerabilities.
Before looking at what exactly an ice phishing attack is and how it works, it is important to first understand some necessary background information on Web3.

WHAT IS WEB3?

As mentioned earlier, to better understand ice phishing, a quick primer on blockchain, non-custodial wallets, smart contracts, and ERC-20 tokens is required. Let’s dissect these key Web3 terms one by one.
- Blockchain: The blockchain is a distributed ledger protected and secured by cryptographic algorithms. It can be thought of as a database that records transfers of cryptocurrencies from one account to another. Transactions a user executes on a blockchain may alter the ledger, for example, by sending cryptocurrencies from his account to another account.
- Non-custodial wallets: Wallets display the cryptocurrencies in a user’s account. Contrary to popular belief, wallets do not actually hold cryptocurrencies. Cryptocurrencies are stored on the distributed ledger, i.e. the blockchain. A wallet lets users use its cryptographic keys to sign transactions that transfer the coins to another account. In other words, a user’s cryptographic keys give him access to his cryptocurrencies. If a user discloses that key to another party or individual, then his funds may be transferred without his permission.
There are two kinds of wallets – custodial wallets and non-custodial wallets. Custodial wallets are linked with cryptocurrency exchanges, whereas a non-custodial wallet resides on a user’s device. The major difference between the two is who has access to and handles the cryptographic keys used to sign transactions. Non-custodial wallets give the owner access to the cryptographic keys, whereas custodial wallets do not.
- Smart contracts: Smart contracts are code deployed on the blockchain that can hold cryptocurrencies and execute transactions. Smart contracts only run when a standard account – also called an externally owned account (EOA) – or another smart contract initiates their execution.
- ERC-20 tokens: ERC-20 tokens are a particular kind of cryptocurrency token implemented through an ERC-20 smart contract, which is basically a balance sheet with a collection of operations that authorize the transfer of these tokens from one account to another. Each ERC-20 token has its own smart contract that implements the ERC-20 token standard. For instance, LINK is a token.
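
The "collection of operations" of an ERC-20 contract reaches a wallet as raw calldata that the user is asked to sign. The following Python code is an added example, not part of the original article: it decodes the three state-changing functions of the ERC-20 standard (transfer, approve, transferFrom) so that the effect of a signature can be displayed before it is given. The sample calldata, addresses and amounts are constructed for illustration.

```python
# Added example. Selectors = first 4 bytes of keccak256(signature), per the ERC-20 standard.
SELECTORS = {
    "a9059cbb": ("transfer", ("to", "amount")),
    "095ea7b3": ("approve", ("spender", "amount")),
    "23b872dd": ("transferFrom", ("from", "to", "amount")),
}
MAX_UINT256 = 2**256 - 1


def decode_erc20_call(calldata_hex):
    """Return the decoded call as a dict, or None if it is not one of SELECTORS."""
    data = calldata_hex[2:] if calldata_hex.lower().startswith("0x") else calldata_hex
    raw = bytes.fromhex(data)  # raises ValueError on malformed hex
    entry = SELECTORS.get(raw[:4].hex())
    if entry is None:
        return None
    name, fields = entry
    args = raw[4:]
    if len(args) != 32 * len(fields):
        raise ValueError(f"{name}: expected {len(fields)} 32-byte arguments")
    call = {"function": name}
    for i, field in enumerate(fields):
        word = args[32 * i: 32 * (i + 1)]
        if field == "amount":
            call[field] = int.from_bytes(word, "big")
        elif any(word[:12]):
            raise ValueError(f"{name}: {field} is not a zero-padded 20-byte address")
        else:
            call[field] = "0x" + word[12:].hex()
    return call


def summarize(calldata_hex):
    """One-line description of what signing this calldata would do."""
    call = decode_erc20_call(calldata_hex)
    if call is None:
        return "not a recognized ERC-20 transfer/approve/transferFrom call"
    if call["function"] == "approve":
        limit = "UNLIMITED" if call["amount"] == MAX_UINT256 else str(call["amount"])
        return f"approve: spender {call['spender']} may move up to {limit} token units"
    if call["function"] == "transfer":
        return f"transfer: send {call['amount']} token units to {call['to']}"
    return f"transferFrom: move {call['amount']} token units from {call['from']} to {call['to']}"


# Constructed sample calldata (addresses and amounts are made up).
SAMPLE_TRANSFER = "0xa9059cbb" + "bb".rjust(64, "0") + format(1000, "064x")
SAMPLE_APPROVE = "0x095ea7b3" + "aa".rjust(64, "0") + "f" * 64
print(summarize(SAMPLE_TRANSFER), summarize(SAMPLE_APPROVE), sep="\n")
```

A transfer moves tokens once, while an approve grants the named spender a standing allowance, which is why the two are worth distinguishing at signing time.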