In terms of computer security, honeypot is a method to trap attackers and hackers who intend to attack the network; But in the world of digital currencies hackers and attackers are also to trap Novice investors They use it. In this article, we are going to thoroughly examine the Honeypot scam in the world of cryptocurrencies and teach you ways to increase the security of your cryptocurrency assets.
What is a honeypot?
Honeypot is actually kind of Smart contract It doesn’t seem to work properly. In this method, users are allowed to withdraw all the cryptocurrencies in the contract by sending a certain amount of cryptocurrency to the specified network. Most likely, if you do not have information about this method, you will be tempted to deposit the said amount of cryptocurrency and withdraw all the coins in the contract; But when you complete all the steps and intend to withdraw the coins, the system does not allow you to withdraw.
Examining how Honeypot works
According to the explanations given in the previous section, it can be said that in this method, all the assets that the user deposits are blocked and only the attacker can recover them. In general, honeypots are implemented in three stages.
- Baiting via an apparently flawed smart contract.
- Depositing money by the victim in order to access all the assets in the contract.
- Withdrawal of the victim’s blocked funds by the attacker who designed the contract.
The thing you should pay attention to is that doing Honeypot in smart contracts does not require special skills. In order to create such a contract, the attacker needs some money to do the initial baiting.
Types of honeypot methods
Honeypots can be divided into two general categories.
- research
- productive
Research honeypot
This method is mostly used to collect information about various attacks and check how they work. In this way, the systems collect specific information such as the attackers’ tendencies, the types of malware used, and possible vulnerabilities. This will help the developers to identify the weak points of the network and fix them in the next updates.
Production honeypot
In this method, unlike the previous method, the developer intends to identify the network intrusion and deceive the attacker and trap him.
According to the explanations, it can be concluded that the research model has more complexities than the production model; But it also provides more information to developers.
Various interior levels of Honeypot
The choice of internal research and production honeypot levels has a direct relationship with the needs of companies; But in the following we will examine some of the most important levels.
Honeypot with high engagement
Due to the implementation of multiple services, this type of interaction can be compared to a pure honeypot, with the difference that the complexity and amount of stored data is much less. Developers and companies use this system to identify an attacker’s strategy.
Using this method requires a lot of resources; But the collected results are very valuable.
Honeypot with intermediate interaction
Developers with middleware try to confuse the attacker by obfuscating them to buy more time to figure out the best countermeasure.
Honeypot with low interaction
Low-interaction honeypot can be considered the most common method to identify attackers. In this method, various services are activated to identify the attacker before attacking the main network. Many security teams prefer to use this method to maintain security; Because it is very easy to set up and maintain.
Pure Honeypot
Managing this honeypot is very complicated and difficult. To run in a network, you need to provide multiple servers to the developers and security team to enable multiple sensors and monitor all user information and confidential data. The information extracted from this method is more valuable than all the previously mentioned methods.
Technologies used in Honeypot
Various technologies are used in Honeypot, some of the most important of which are:
- Malware honeypot
- Client side honeypot
- Honeynet
- Open email relay
- Database honeypot
Honeypot detection method
One of the ways of detection is to check the amount of buying and selling of coins in the network. For this, it is enough to carefully check the transaction history. In such scams, the purchase volume is usually high and the sales volume is very low. Attackers lure you into buying assets that you can never sell with the promise of withdrawing more coins.
An example of a cryptocurrency honeypot scam
The first type of this fraud was carried out in 2018 in the digital currency market. By publishing the private key of his Minerium wallet in a public chat, someone announced to users that they could withdraw $5,000 from this wallet. This issue tempted many people to do this; But none of these people knew that they had invested in a special smart contract to do this.
To get $5,000, the user had to first connect his wallet to the Minerium site, then transfer the desired amount to his wallet; But to confirm, he had to pay gas transaction fee. The clever part of this scam is related to this part. The user pays the transaction fee in the hope of transferring the amount, unaware that the fraudulent person transfers the desired amount to another wallet using a smart contract. In this case, the user not only loses his money; Rather, he is unable to withdraw $5,000,000 due to the transaction not being approved.
In general, honeypot fraud methods are very similar to phishing. In both methods, the attacker encourages the user to pay a predetermined amount by pretending to justify an operation.
Honeypot is a method of deceiving or trapping an attacker
Honeypot can be considered a double-edged sword that can be used to commit fraud or trap attackers. The determining factor for identifying this issue is the intention of the user. If the goal is anything other than fixing security issues, the honeypot is designed to trick users.
What is honeypot writing? How does it work and what is its detection method? The first time in the blog Valx. appeared.
